CVE-2011-4266

Name of the Vulnerable Software and Affected Versions FFFTP versions prior to 1.98d

Description The issue allows local users to gain privileges via a Trojan horse executable file in a directory that is accessed for reading an extensionless file. This can be demonstrated by executing the README.exe file when a user attempts to access the README file.

Recommendations For versions prior to 1.98d, update to version 1.98d or later to resolve the issue. As a temporary workaround, consider restricting access to directories that contain executable files to minimize the risk of exploitation.