Описание
Heap-based buffer overflow in the Create New Site feature in GlobalSCAPE CuteFTP Professional, Home, and Lite 8.3.3 and 8.3.3.0054 allows user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a site list containing an entry with a long label.
Ссылки
- Vendor Advisory
- Exploit
- Vendor Advisory
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:globalscape:cuteftp:8.3.3:*:home:*:*:*:*:*
cpe:2.3:a:globalscape:cuteftp:8.3.3:*:lite:*:*:*:*:*
cpe:2.3:a:globalscape:cuteftp:8.3.3:*:pro:*:*:*:*:*
cpe:2.3:a:globalscape:cuteftp:8.3.3.0054:*:home:*:*:*:*:*
cpe:2.3:a:globalscape:cuteftp:8.3.3.0054:*:lite:*:*:*:*:*
cpe:2.3:a:globalscape:cuteftp:8.3.3.0054:*:pro:*:*:*:*:*
EPSS
Процентиль: 86%
0.02933
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
больше 3 лет назад
Heap-based buffer overflow in the Create New Site feature in GlobalSCAPE CuteFTP Professional, Home, and Lite 8.3.3 and 8.3.3.0054 allows user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a site list containing an entry with a long label.
EPSS
Процентиль: 86%
0.02933
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-119