CVE-2008-5753

Опубликовано: 30 дек. 2008

Источник: nvd

CVSS2: 9.3

EPSS Средний

Описание

Stack-based buffer overflow in BulletProof FTP Client 2.63 and 2010 allows user-assisted attackers to execute arbitrary code via a bookmark file entry with a long host name, which appears as a host parameter within the quick-connect bar.

Ссылки

http://osvdb.org/50968
http://packetstormsecurity.com/files/131965/BulletProof-FTP-Client-2010-Buffer-Overflow.html
Exploit
http://secunia.com/advisories/33322
http://securityreason.com/securityalert/4835
http://www.kb.cert.org/vuls/id/565580
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/33007
Exploit
https://www.exploit-db.com/exploits/37056/
https://www.exploit-db.com/exploits/7571
http://osvdb.org/50968
http://packetstormsecurity.com/files/131965/BulletProof-FTP-Client-2010-Buffer-Overflow.html
Exploit
http://secunia.com/advisories/33322
http://securityreason.com/securityalert/4835
http://www.kb.cert.org/vuls/id/565580
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/33007
Exploit
https://www.exploit-db.com/exploits/37056/
https://www.exploit-db.com/exploits/7571

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:bpftp:bulletproof_ftp_client:2.63:*:*:*:*:*:*:*

EPSS

Процентиль: 96%

0.27784

Средний

9.3 Critical

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-8qrp-vpc4-vphf

github

больше 3 лет назад