PT-2010-4223 · Fath · Fathftp Activex Control

Blake · Published 2010-07-12 · Updated 2017-08-17 · CVE-2010-2701

CVSS v2.0: 9.3 High

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

FathFTP ActiveX control version 1.7

Description

The issue concerns multiple buffer overflows that allow remote attackers to execute arbitrary code. This can be achieved via the GetFromURL member or by providing a long argument to the RasIsConnected method.

Recommendations

For FathFTP ActiveX control version 1.7, consider disabling the GetFromURL member and restricting the input length for the RasIsConnected method to prevent exploitation until a patch is available.

Exploit

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2010-2701

Affected Products

Fathftp Activex Control