MidnightBSD

Advisories for harbingergroup

CVE-2023-34407

OfflinePlayerService.exe in Harbinger Offline Player 4.0.6.0.2 allows directory traversal as LocalSystem via ..\ in a URL.

Products Affected

Vendor Product Version
harbingergroup office_player 4.0.6.0.2