CVE-2020-9273

2020-02-20T16:15:00
ID CVE-2020-9273
Type cve
Reporter cve@mitre.org
Modified 2020-02-21T23:15:00

Description

In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel. This triggers a use-after-free in alloc_pool in pool.c, and possible remote code execution.