Vulnerabilities > CVE-2014-0607 - Arbitrary File Upload vulnerability in Attachmate Verastream Process Designer 6.0

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

attachmate

critical

NVD

Published: 2014-07-24

Updated: 2014-07-24

Summary

Unrestricted file upload vulnerability in Attachmate Verastream Process Designer (VPD) before R6 SP1 Hotfix 1 allows remote attackers to execute arbitrary code by uploading and launching an executable file. <a href="http://cwe.mitre.org/data/definitions/434.html" target="_blank">CWE-434: Unrestricted Upload of File with Dangerous Type</a>

Vulnerable Configurations

Part	Description	Count
Application	Attachmate Attachmate Verastream Process Designer 6.0	2

References

http://support.attachmate.com/techdocs/2700.html