Search criteria
3 vulnerabilities found for xfile by softartisans
FKIE_CVE-2007-1682
Vulnerability from fkie_nvd - Published: 2008-08-27 20:41 - Updated: 2025-04-09 00:30
Severity ?
Summary
Multiple stack-based buffer overflows in the FileManager ActiveX control in SAFmgPws.dll in SoftArtisans XFile before 2.4.0 allow remote attackers to execute arbitrary code via unspecified calls to the (1) BuildPath, (2) GetDriveName, (3) DriveExists, or (4) DeleteFile method.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| softartisans | xfile | * | |
| softartisans | xfile | 1.0 | |
| softartisans | xfile | 1.0.6 | |
| softartisans | xfile | 1.0.7 | |
| softartisans | xfile | 1.0.8 | |
| softartisans | xfile | 1.1 | |
| softartisans | xfile | 1.01 | |
| softartisans | xfile | 1.1.1 | |
| softartisans | xfile | 1.1.2 | |
| softartisans | xfile | 1.1.3 | |
| softartisans | xfile | 1.1.4 | |
| softartisans | xfile | 1.1.5 | |
| softartisans | xfile | 1.1.6 | |
| softartisans | xfile | 1.1.7 | |
| softartisans | xfile | 2.0 | |
| softartisans | xfile | 2.0.2 | |
| softartisans | xfile | 2.0.3 | |
| softartisans | xfile | 2.1.3 | |
| softartisans | xfile | 2.1.4 | |
| softartisans | xfile | 2.1.5 | |
| softartisans | xfile | 2.1.6 | |
| softartisans | xfile | 2.1.7 | |
| softartisans | xfile | 2.2.3 | |
| softartisans | xfile | 2.2.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:softartisans:xfile:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BDFD01A6-2CB3-4EF1-A81F-CF472294081C",
"versionEndIncluding": "2.3.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:softartisans:xfile:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A349F44E-3A51-4702-BBB3-7D5B622C68C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:softartisans:xfile:1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "57F37B78-F308-4F2C-BEA4-96E91AA05906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:softartisans:xfile:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "E0FAEA84-407B-4900-9642-60127D617C76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:softartisans:xfile:1.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "84A4500E-7D34-4436-8B27-B127C1D08CF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:softartisans:xfile:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7F04D099-BFA4-4330-8AF3-EC395E436709",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:softartisans:xfile:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "1B58368F-25B3-4FE4-A5C6-00F6C6888F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:softartisans:xfile:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FAE74F9B-2F6E-4445-9A34-A04E622F269E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:softartisans:xfile:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CC26101E-077A-42AD-B82F-C5E19AC7FB97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:softartisans:xfile:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "710AB2A2-293A-44D8-92EC-26143599BB31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:softartisans:xfile:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AA5E00B5-1D19-4C95-9660-5E3B18E871B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:softartisans:xfile:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E00A5FCF-31B6-4788-B836-34FEA4A5E1E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:softartisans:xfile:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "53C356DC-5C96-4F8D-83AD-3142E87F88B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:softartisans:xfile:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2E203841-ACD0-4B16-93BC-F650CB6F7853",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:softartisans:xfile:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "92F3C27D-9BF4-4A36-8B0C-B813C367B22B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:softartisans:xfile:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8557F8A0-265D-4FEA-9982-9E19EE36CF47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:softartisans:xfile:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "28350273-2166-474C-AD1F-5591AD644F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:softartisans:xfile:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C6EC8D73-E71A-4988-A687-10C9AB6EFC83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:softartisans:xfile:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3134EF9B-D4D6-4F9A-8E63-3AE20105BF54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:softartisans:xfile:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB5E60A-8DEB-408A-B0BB-404BF2D6AB16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:softartisans:xfile:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6D143F22-E10F-4548-80CE-79547366A670",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:softartisans:xfile:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F61EA55C-4DC4-4D7E-8B95-B331DC510A2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:softartisans:xfile:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6F31FDCD-EC0D-4F49-8032-C062A9FB7E3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:softartisans:xfile:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D7D43259-8042-45A4-AF36-B1576FACBAFD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in the FileManager ActiveX control in SAFmgPws.dll in SoftArtisans XFile before 2.4.0 allow remote attackers to execute arbitrary code via unspecified calls to the (1) BuildPath, (2) GetDriveName, (3) DriveExists, or (4) DeleteFile method."
},
{
"lang": "es",
"value": "M\u00faltiples desbordmientos de b\u00fafer basados en pila en el control ActiveX de FileManager en SAFmgPws.dll de SoftArtisans XFile versiones anteriores a 2.4.0 permiten a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de llamadas no especificadas a los m\u00e9todos (1) BuildPath, (2) GetDriveName, (3) DriveExists, o (4) DeleteFile."
}
],
"id": "CVE-2007-1682",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-08-27T20:41:00.000",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31615"
},
{
"source": "cret@cert.org",
"url": "http://support.softartisans.com/Support-114.aspx"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/914785"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/bid/30826"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31615"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.softartisans.com/Support-114.aspx"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/914785"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/30826"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2007-1682 (GCVE-0-2007-1682)
Vulnerability from cvelistv5 – Published: 2008-08-27 20:00 – Updated: 2024-08-07 13:06
VLAI?
Summary
Multiple stack-based buffer overflows in the FileManager ActiveX control in SAFmgPws.dll in SoftArtisans XFile before 2.4.0 allow remote attackers to execute arbitrary code via unspecified calls to the (1) BuildPath, (2) GetDriveName, (3) DriveExists, or (4) DeleteFile method.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:06:25.994Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#914785",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/914785"
},
{
"name": "31615",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31615"
},
{
"name": "30826",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30826"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.softartisans.com/Support-114.aspx"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in the FileManager ActiveX control in SAFmgPws.dll in SoftArtisans XFile before 2.4.0 allow remote attackers to execute arbitrary code via unspecified calls to the (1) BuildPath, (2) GetDriveName, (3) DriveExists, or (4) DeleteFile method."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-09-03T09:00:00",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#914785",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/914785"
},
{
"name": "31615",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31615"
},
{
"name": "30826",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30826"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.softartisans.com/Support-114.aspx"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2007-1682",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in the FileManager ActiveX control in SAFmgPws.dll in SoftArtisans XFile before 2.4.0 allow remote attackers to execute arbitrary code via unspecified calls to the (1) BuildPath, (2) GetDriveName, (3) DriveExists, or (4) DeleteFile method."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#914785",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/914785"
},
{
"name": "31615",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31615"
},
{
"name": "30826",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30826"
},
{
"name": "http://support.softartisans.com/Support-114.aspx",
"refsource": "CONFIRM",
"url": "http://support.softartisans.com/Support-114.aspx"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2007-1682",
"datePublished": "2008-08-27T20:00:00",
"dateReserved": "2007-03-26T00:00:00",
"dateUpdated": "2024-08-07T13:06:25.994Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1682 (GCVE-0-2007-1682)
Vulnerability from nvd – Published: 2008-08-27 20:00 – Updated: 2024-08-07 13:06
VLAI?
Summary
Multiple stack-based buffer overflows in the FileManager ActiveX control in SAFmgPws.dll in SoftArtisans XFile before 2.4.0 allow remote attackers to execute arbitrary code via unspecified calls to the (1) BuildPath, (2) GetDriveName, (3) DriveExists, or (4) DeleteFile method.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:06:25.994Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#914785",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/914785"
},
{
"name": "31615",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31615"
},
{
"name": "30826",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30826"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.softartisans.com/Support-114.aspx"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in the FileManager ActiveX control in SAFmgPws.dll in SoftArtisans XFile before 2.4.0 allow remote attackers to execute arbitrary code via unspecified calls to the (1) BuildPath, (2) GetDriveName, (3) DriveExists, or (4) DeleteFile method."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-09-03T09:00:00",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#914785",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/914785"
},
{
"name": "31615",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31615"
},
{
"name": "30826",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30826"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.softartisans.com/Support-114.aspx"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2007-1682",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in the FileManager ActiveX control in SAFmgPws.dll in SoftArtisans XFile before 2.4.0 allow remote attackers to execute arbitrary code via unspecified calls to the (1) BuildPath, (2) GetDriveName, (3) DriveExists, or (4) DeleteFile method."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#914785",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/914785"
},
{
"name": "31615",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31615"
},
{
"name": "30826",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30826"
},
{
"name": "http://support.softartisans.com/Support-114.aspx",
"refsource": "CONFIRM",
"url": "http://support.softartisans.com/Support-114.aspx"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2007-1682",
"datePublished": "2008-08-27T20:00:00",
"dateReserved": "2007-03-26T00:00:00",
"dateUpdated": "2024-08-07T13:06:25.994Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}