Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA11447
HistorySep 07, 2007 - 12:00 a.m.

KLA11447 ACE vulnerability in WinSCP

2007-09-0700:00:00
Kaspersky Lab
threats.kaspersky.com
5

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

Low

0.078 Low

EPSS

Percentile

94.2%

JSON

Interpretation conflict vulnerability was found in WinSCP. Malicious users can exploit this vulnerability remotely to execute arbitrary code.

Original advisories

Related products

WinSCP

CVE list

CVE-2007-4909 critical

Solution

Update to the latest version

Download WinSCP

Impacts

  • ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

Affected Products

  • WinSCP earlier than 4.0.4

Related

nessus 1
cvelist 1
nvd 1
prion 1
cve 1
nessus
nessus
WinSCP URL Protocol Handler Arbitrary File Transfer
2007-09-14 00:00:00
cvelist
cvelist
CVE-2007-4909
2007-09-17 17:00:00
nvd
nvd
CVE-2007-4909
2007-09-17 17:17:00
prion
prion
Design/Logic Flaw
2007-09-17 17:17:00
cve
cve
CVE-2007-4909
2007-09-17 17:17:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

Low

0.078 Low

EPSS

Percentile

94.2%

JSON
Related for KLA11447
nessus1cvelist1nvd1prion1cve1