Lucene search

[email protected]CVE-2003-1319

HistoryDec 31, 2003 - 5:00 a.m.

CVE-2003-1319

2003-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

buffer overflow

smartftp

remote code execution

nvd

security vulnerability

8 High

AI Score

Confidence

Low

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.092 Low

EPSS

Percentile

94.6%

JSON

Multiple buffer overflows in SmartFTP 1.0.973, and other versions before 1.0.976, allow remote attackers to execute arbitrary code via (1) a long response to a PWD command, which triggers a stack-based overflow, and (2) a long line in a response to a file LIST command, which triggers a heap-based overflow.

CPENameOperatorVersion
smartftp:smartftpsmartftple1.0.973

CPE	Name	Operator	Version
smartftp:smartftp	smartftp	le	1.0.973

References

archives.neohapsis.com/archives/bugtraq/2003-06/0083.html

secunia.com/advisories/8998

security.nnov.ru/docs4679.html

securitytracker.com/id?1006956

www.securityfocus.com/bid/7858

www.securityfocus.com/bid/7861

exchange.xforce.ibmcloud.com/vulnerabilities/12228

exchange.xforce.ibmcloud.com/vulnerabilities/12231

8 High

AI Score

Confidence

Low

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.092 Low

EPSS

Percentile

94.6%

JSON

Related for CVE-2003-1319

nessus1 securityvulns1