Description
Multiple serious vulnerabilities have been found in Groove products. Malicious users can exploit these vulnerabilities to obtain sensitive information, inject web scripts, bypass security restrictions and spoof filenames. Below is a complete list of vulnerabilities
- Improper file extension display can be exploited remotely via a specially designed filename;
- Vectors related to COM objects can be exploited remotely;
- XSS vulnerabilities in can be exploited remotely;
- Insecure permissions can be exploited locally.
Original advisories
Related products
CVE list
- CVE-2005-1678 warning
- CVE-2005-1677 critical
- CVE-2005-1676 high
- CVE-2005-1675 warning
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!