Unrated severityNVD Advisory· Published Feb 18, 2014· Updated Jun 17, 2026
CVE-2014-1861
CVE-2014-1861
Description
The client in Jetro COCKPIT Secure Browsing (JCSB) 4.3.1 and 4.3.3 does not validate the FileName element in an RDP_FILE_TRANSFER document, which allows remote JCSB servers to execute arbitrary programs by providing a .EXE extension.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:jetroplatforms:jetro_cockpit_secure_browsing:4.3.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:jetroplatforms:jetro_cockpit_secure_browsing:4.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:jetroplatforms:jetro_cockpit_secure_browsing:4.3.3:*:*:*:*:*:*:*
- Range: = 4.3.1 and 4.3.3
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.