CVE-2020-17381
- EPSS 0.05%
- Veröffentlicht 21.10.2020 19:15:14
- Zuletzt bearbeitet 21.11.2024 05:07:58
An issue was discovered in Ghisler Total Commander 9.51. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the %SYSTEMDRIVE%\totalcmd\TOTALCMD64.EXE binary.
- EPSS 1.85%
- Veröffentlicht 21.07.2015 15:59:00
- Zuletzt bearbeitet 12.04.2025 10:46:40
The FileInfo plugin before 2.22 for Ghisler Total Commander allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via (1) a large Size value in the Archive Member Header of a COFF Archive Library file, (2) a ...
CVE-2007-4756
- EPSS 1%
- Veröffentlicht 08.09.2007 01:17:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
Directory traversal vulnerability in the FTP client in Total Commander before 7.02 allows remote FTP servers to create or overwrite arbitrary files via "..\" (dot dot backslash) sequences in a filename. NOTE: the "..\" are not displayed when the use...
- EPSS 7.94%
- Veröffentlicht 21.08.2007 21:17:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
The Fileinfo 2.0.9 plugin for Total Commander allows user-assisted remote attackers to cause a denial of service (unhandled exception) via an invalid RVA address function pointer in (1) an IMAGE_THUNK_DATA structure, involving the (a) OriginalFirstTh...
CVE-2007-4464
- EPSS 0.55%
- Veröffentlicht 21.08.2007 21:17:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
CRLF injection vulnerability in the Fileinfo 2.0.9 plugin for Total Commander allows user-assisted remote attackers to spoof the information in the Image File Header tab via strings with CRLF sequences in the IMAGE_EXPORT_DIRECTORY array in a PE file...