Lucene search

[email protected]CVE-2004-1118

HistoryJan 10, 2005 - 5:00 a.m.

CVE-2004-1118

2005-01-1005:00:00

[email protected]

web.nvd.nist.gov

cve-2004-1118

buffer overflow

wodftpdlx.ocx

activex

coffeecup direct ftp

coffeecup free ftp

remote code execution

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

Low

0.131 Low

EPSS

Percentile

95.6%

JSON

Buffer overflow in the WodFtpDLX.ocx (WeOnlyDo!) ActiveX component before 2.3.2.97, as used by CoffeeCup Direct FTP 6.2.0.62 and CoffeeCup Free FTP 3.0.0.10, and possibly other applications, allows remote attackers to execute arbitrary code via a long filename.

Affected configurations

NVD

Node

weonlydowodftpdlx_activex_component

weonlydowodftpdlx_activex_componentMatch2.1.1_8

CPENameOperatorVersion
weonlydo:wodftpdlx_activex_componentweonlydo wodftpdlx activex componenteq*
weonlydo:wodftpdlx_activex_componentweonlydo wodftpdlx activex componenteq2.1.1_8

CPE	Name	Operator	Version
weonlydo:wodftpdlx_activex_component	weonlydo wodftpdlx activex component	eq	*
weonlydo:wodftpdlx_activex_component	weonlydo wodftpdlx activex component	eq	2.1.1_8

References

lists.grok.org.uk/pipermail/full-disclosure/2004-November/029243.html

lists.grok.org.uk/pipermail/full-disclosure/2004-November/029244.html

marc.info/?l=bugtraq&m=110114233323417&w=2

www.securityfocus.com/bid/11721

exchange.xforce.ibmcloud.com/vulnerabilities/18190

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

Low

0.131 Low

EPSS

Percentile

95.6%

JSON

Related for CVE-2004-1118

cvelist1 nvd1