CVE-2007-2318

Sažetak

Multiple format string vulnerabilities in FileZilla before 2.2.32 allow remote attackers to execute arbitrary code via format string specifiers in (1) FTP server responses or (2) data sent by an FTP server. NOTE: some of these details are obtained from third party information.

Reference

http://osvdb.org/34436
http://osvdb.org/34437
http://secunia.com/advisories/24894
http://sourceforge.net/project/shownotes.php?release_id=501534&group_id=21558
http://www.securityfocus.com/bid/23506

CVSS

Base:	9.3
Impact:	10.0
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

13-11-2008 - 06:38

Objavljeno

26-04-2007 - 21:19