Описание
Buffer overflow in the get_string_ahref function for ProZilla 1.3.7.4 and possibly earlier, with the -ftpsearch option enabled, allows remote servers to execute arbitrary code via a search response with a crafted string in the HREF field of an tag.
Ссылки
- Vendor Advisory
- PatchVendor Advisory
- Vendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:prozilla:prozilla_download_accelerator:1.3.7.4:*:*:*:*:*:*:*
EPSS
Процентиль: 90%
0.05848
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
debian
почти 20 лет назад
Buffer overflow in the get_string_ahref function for ProZilla 1.3.7.4 ...
github
больше 3 лет назад
Buffer overflow in the get_string_ahref function for ProZilla 1.3.7.4 and possibly earlier, with the -ftpsearch option enabled, allows remote servers to execute arbitrary code via a search response with a crafted string in the HREF field of an <A> tag.
EPSS
Процентиль: 90%
0.05848
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other