PT-2010-4223 · Fath · Fathftp Activex Control

Blake · Published 2010-07-12 · Updated 2017-08-17 · CVE-2010-2701

CVSS v2.0: 9.3 (High)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions
FathFTP ActiveX control version 1.7

Description
The issue concerns multiple buffer overflows that allow remote attackers to execute arbitrary code. This can be achieved via the GetFromURL member or by providing a long argument to the RasIsConnected method.

Recommendations
For FathFTP ActiveX control version 1.7, consider disabling the GetFromURL member and restricting the input length for the RasIsConnected method to prevent exploitation until a patch is available.

Exploit

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2010-2701

Affected Products

Fathftp Activex Control