The file comment feature in Rejetto HTTP File Server (hfs) 2.3c and earlier allows remote attackers to execute arbitrary code by uploading a file with certain invalid UTF-8 byte sequences that are interpreted as executable macro symbols.
References
Configurations
Information
Published : 2014-10-09 18:55
Updated : 2014-10-10 12:59
NVD link : CVE-2014-7226
Mitre link : CVE-2014-7226
JSON object : View
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')
Products Affected
rejetto
- http_file_server