CVE-2014-0605

Name of the Vulnerable Software and Affected Versions Attachmate Reflection FTP Client versions prior to 14.1.429

Description The issue is related to a directory traversal vulnerability in the rftpcom.dll ActiveX control. This vulnerability allows remote attackers to execute arbitrary code via unspecified vectors to the SaveSettings method.

Recommendations For versions prior to 14.1.429, update to version 14.1.429 or later to resolve the issue. As a temporary workaround, consider disabling the SaveSettings method in the rftpcom.dll ActiveX control until a patch is applied. Restrict access to the rftpcom.dll module to minimize the risk of exploitation.