CVE-2012-0315

Name of the Vulnerable Software and Affected Versions ALFTP versions prior to 5.31

Description The issue allows local users to gain privileges via a Trojan horse executable file in a directory that is accessed for reading an extensionless file. This can be demonstrated by executing the README.exe file when a user attempts to access the README file.

Recommendations For versions prior to 5.31, update to version 5.31 or later to resolve the issue. As a temporary workaround, consider restricting access to directories that contain executable files to minimize the risk of exploitation.