CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
48.4%
Untrusted search path vulnerability in FFFTP before 1.98d allows local users to gain privileges via a Trojan horse executable file in a directory that is accessed for reading an extensionless file, as demonstrated by executing the README.exe file when a user attempts to access the README file, a different vulnerability than CVE-2011-3991.
Vendor | Product | Version | CPE |
---|---|---|---|
ffftp | ffftp | * | cpe:2.3:a:ffftp:ffftp:*:c:*:*:*:*:*:* |
ffftp | ffftp | 1.79a | cpe:2.3:a:ffftp:ffftp:1.79a:*:*:*:*:*:*:* |
ffftp | ffftp | 1.80 | cpe:2.3:a:ffftp:ffftp:1.80:*:*:*:*:*:*:* |
ffftp | ffftp | 1.81 | cpe:2.3:a:ffftp:ffftp:1.81:*:*:*:*:*:*:* |
ffftp | ffftp | 1.82 | cpe:2.3:a:ffftp:ffftp:1.82:*:*:*:*:*:*:* |
ffftp | ffftp | 1.83 | cpe:2.3:a:ffftp:ffftp:1.83:*:*:*:*:*:*:* |
ffftp | ffftp | 1.84 | cpe:2.3:a:ffftp:ffftp:1.84:*:*:*:*:*:*:* |
ffftp | ffftp | 1.85 | cpe:2.3:a:ffftp:ffftp:1.85:*:*:*:*:*:*:* |
ffftp | ffftp | 1.86 | cpe:2.3:a:ffftp:ffftp:1.86:*:*:*:*:*:*:* |
ffftp | ffftp | 1.86a | cpe:2.3:a:ffftp:ffftp:1.86a:*:*:*:*:*:*:* |