Published:2006/08/10 Last Updated:2008/05/21
JVN#62171179
Kiri directory traversal vulnerability
Overview
Database software Kiri contains a directory traversal vulnerability in its email analysis command.
Products Affected
- Kiri ver9-2006
- Kiri ver9-2005
- Kiri ver9-2004
Description
Impact
If the email analysis command processes an email with an attachment with a particular file name, the attachment may be written to an unintended location.
Solution
Vendor Status
| Vendor | Status | Last Update | Vendor Notes |
|---|---|---|---|
| Kanrikogaku Kenkyusho, Ltd. | Vulnerable | 2007/06/08 |
References
JPCERT/CC Addendum
Credit
Other Information
| JPCERT Alert | |
| JPCERT Reports | |
| CERT Advisory | |
| CPNI Advisory | |
| TRnotes | |
| CVE | |
| JVN iPedia |
JVNDB-2006-000641 |