CVE-2014-8788

Published: Dec 2, 2014Modified: May 6, 2026

4.0

Vector

AV:N/AC:L/Au:S/C:P/I:N/A:N

Exploitability: 8.0 / Impact: 2.9

Source: NVD

Description

GleamTech FileVista before 6.1 allows remote authenticated users to obtain sensitive information via a crafted path when saving a zip file, which reveals the installation path in an error message.

Affected (6)

Products: Gleamtech: Filevista

1 product

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Gleamtech Filevista	Up to 6.0.9
Gleamtech Filevista	Version 6.0.5
Gleamtech Filevista	Version 6.0.6
Gleamtech Filevista	Version 6.0.7
Gleamtech Filevista	Version 6.0.8
Gleamtech Filevista	Version 6.0

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (6)

http://packetstormsecurity.com/files/129304/FileVista-Path-Leakage-Path-Write-Modification.html

Source: cve@mitre.org

http://seclists.org/fulldisclosure/2014/Nov/87

Source: cve@mitre.org

http://support.gleamtech.com/kb/a10/version-history-of-filevista.aspx

Source: cve@mitre.org

http://packetstormsecurity.com/files/129304/FileVista-Path-Leakage-Path-Write-Modification.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://seclists.org/fulldisclosure/2014/Nov/87

Source: af854a3a-2127-422b-91ae-364da2661108

http://support.gleamtech.com/kb/a10/version-history-of-filevista.aspx

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.