CVE-2005-0467

Name of the Vulnerable Software and Affected Versions PuTTY versions prior to 0.56

Description The issue is caused by multiple integer overflows in the sftp pkt getstring and fxp readdir recv functions in the PSFTP and PSCP clients. This allows remote malicious web sites to execute arbitrary code via SFTP responses that corrupt the heap after insufficient memory has been allocated.

Recommendations For versions prior to 0.56, update to a version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.