CVE-2013-6809

Sažetak

Format string vulnerability in the client in Tftpd32 before 4.50 allows remote servers to cause a denial of service (crash) or possibly execute arbitrary code via format string specifiers in the Remote File field.

Reference

http://osvdb.org/100511
http://packetstormsecurity.com/files/124275/Tftpd32-Client-Side-Format-String.html
http://seclists.org/fulldisclosure/2013/Dec/15
https://exchange.xforce.ibmcloud.com/vulnerabilities/89455

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:N/A:P

Zadnje važnije ažuriranje

29-08-2017 - 01:34

Objavljeno

13-12-2013 - 18:55