Lucene search

[email protected]CVE-2001-1103

HistorySep 01, 2004 - 4:00 a.m.

CVE-2001-1103

2004-09-0104:00:00

[email protected]

web.nvd.nist.gov

cve-2001-1103

ftp voyager

activex control

safe scripting

iobjectsafety interface

remote attacks

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.9%

JSON

FTP Voyager ActiveX control before 8.0, when it is marked as safe for scripting (the default) or if allowed by the IObjectSafety interface, allows remote attackers to execute arbitrary commands.

Affected configurations

NVD

Node

rhinosoftftp_voyagerRange≤8.0

CPENameOperatorVersion
rhinosoft:ftp_voyagerrhinosoft ftp voyagerle8.0

CPE	Name	Operator	Version
rhinosoft:ftp_voyager	rhinosoft ftp voyager	le	8.0

References

www.kb.cert.org/vuls/id/320944

exchange.xforce.ibmcloud.com/vulnerabilities/7119

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.9%

JSON

Related for CVE-2001-1103

nvd1 cvelist1