CVE-2012-4992

Name of the Vulnerable Software and Affected Versions FlashFXP version 4.2

Description The issue is related to multiple buffer overflows in FlashFXP.exe, which can be exploited by remote authenticated users to execute arbitrary code. This can be achieved by sending a long unicode string to either the TListbox or the TComboBox.

Recommendations For FlashFXP version 4.2, consider updating to a newer version that addresses these buffer overflows, as using a long unicode string in TListbox or TComboBox can lead to arbitrary code execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.