Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveJpcertCVE-2011-4266
HistoryDec 13, 2011 - 11:55 a.m.

CVE-2011-4266

2011-12-1311:55:06
jpcert
web.nvd.nist.gov
24
cve-2011-4266
untrusted search path vulnerability
ffftp
privilege escalation
executable file
trojan horse
nvd

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.4

Confidence

Low

EPSS

0.001

Percentile

48.4%

JSON

Untrusted search path vulnerability in FFFTP before 1.98d allows local users to gain privileges via a Trojan horse executable file in a directory that is accessed for reading an extensionless file, as demonstrated by executing the README.exe file when a user attempts to access the README file, a different vulnerability than CVE-2011-3991.

Affected configurations

Nvd
Node
ffftpffftpRange1.98c
OR
ffftpffftpMatch1.79a
OR
ffftpffftpMatch1.80
OR
ffftpffftpMatch1.81
OR
ffftpffftpMatch1.82
OR
ffftpffftpMatch1.83
OR
ffftpffftpMatch1.84
OR
ffftpffftpMatch1.85
OR
ffftpffftpMatch1.86
OR
ffftpffftpMatch1.86a
OR
ffftpffftpMatch1.87
OR
ffftpffftpMatch1.87a
OR
ffftpffftpMatch1.88
OR
ffftpffftpMatch1.88a
OR
ffftpffftpMatch1.88b
OR
ffftpffftpMatch1.89
OR
ffftpffftpMatch1.89a
OR
ffftpffftpMatch1.89b
OR
ffftpffftpMatch1.90
OR
ffftpffftpMatch1.91
OR
ffftpffftpMatch1.92
OR
ffftpffftpMatch1.92a
OR
ffftpffftpMatch1.92b
OR
ffftpffftpMatch1.92c
OR
ffftpffftpMatch1.93
OR
ffftpffftpMatch1.94
OR
ffftpffftpMatch1.94a
OR
ffftpffftpMatch1.95
OR
ffftpffftpMatch1.96
OR
ffftpffftpMatch1.96a
OR
ffftpffftpMatch1.96b
OR
ffftpffftpMatch1.96c
OR
ffftpffftpMatch1.96d
OR
ffftpffftpMatch1.97
OR
ffftpffftpMatch1.97a
OR
ffftpffftpMatch1.97b
OR
ffftpffftpMatch1.98
OR
ffftpffftpMatch1.98a
OR
ffftpffftpMatch1.98b
VendorProductVersionCPE
ffftpffftp*cpe:2.3:a:ffftp:ffftp:*:c:*:*:*:*:*:*
ffftpffftp1.79acpe:2.3:a:ffftp:ffftp:1.79a:*:*:*:*:*:*:*
ffftpffftp1.80cpe:2.3:a:ffftp:ffftp:1.80:*:*:*:*:*:*:*
ffftpffftp1.81cpe:2.3:a:ffftp:ffftp:1.81:*:*:*:*:*:*:*
ffftpffftp1.82cpe:2.3:a:ffftp:ffftp:1.82:*:*:*:*:*:*:*
ffftpffftp1.83cpe:2.3:a:ffftp:ffftp:1.83:*:*:*:*:*:*:*
ffftpffftp1.84cpe:2.3:a:ffftp:ffftp:1.84:*:*:*:*:*:*:*
ffftpffftp1.85cpe:2.3:a:ffftp:ffftp:1.85:*:*:*:*:*:*:*
ffftpffftp1.86cpe:2.3:a:ffftp:ffftp:1.86:*:*:*:*:*:*:*
ffftpffftp1.86acpe:2.3:a:ffftp:ffftp:1.86a:*:*:*:*:*:*:*
Rows per page:
1-10 of 391

Related

nvd 2
cvelist 2
prion 2
jvn 2
openvas 4
cve 1
nvd
nvd
CVE-2011-4266
2011-12-13 11:55:06
CVE-2011-3991
2011-11-04 21:55:08
cvelist
cvelist
CVE-2011-4266
2011-12-13 11:00:00
CVE-2011-3991
2011-11-04 21:00:00
prion
prion
Design/Logic Flaw
2011-12-13 11:55:00
Design/Logic Flaw
2011-11-04 21:55:00
jvn
jvn
JVN#94002296: FFFTP may insecurely load executable files
2011-12-09 00:00:00
JVN#62336482: FFFTP may insecurely load executable files
2011-10-28 00:00:00
openvas
openvas
FFFTP Untrusted Search Path Vulnerability (Windows) - Dec 11
2011-12-15 00:00:00
FFFTP Untrusted Search Path Vulnerability (Dec 2011) - Windows
2011-12-15 00:00:00
FFFTP Untrusted Search Path Vulnerability (Windows)
2011-11-08 00:00:00
cve
cve
CVE-2011-3991
2011-11-04 21:55:08

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.4

Confidence

Low

EPSS

0.001

Percentile

48.4%

JSON
Related for CVE-2011-4266
nvd2cvelist2prion2jvn2openvas4cve1