Lucene search
+L

6 matches found

cnvd
cnvd
added 2017/08/22 12:0 a.m.4 views

Youngzsoft CCFile Denial of Service Vulnerability

Youngzsoft CCFile aka CC File Transfer is a file transfer program. The program is capable of transferring files via Internet and LAN. A security vulnerability exists in Youngzsoft CCFile version 3.6. A remote attacker can exploit this vulnerability by sending a specially crafted HTTP request to...

7.5CVSS7.5AI score0.02268EPSS
Exploits5References1
nvd
nvd
added 2017/08/21 7:29 a.m.21 views

CVE-2017-12784

In Youngzsoft CCFile aka CC File Transfer 3.6, by sending a crafted HTTP request, it is possible for a malicious user to remotely crash the affected software. No authentication is required. An example payload is a malformed request header with many '|' characters. NOTE: some sources use this ID f...

7.5CVSS8.5AI score0.02268EPSS
Exploits5References1
osv
osv
added 2017/08/21 7:29 a.m.6 views

CVE-2017-12784

In Youngzsoft CCFile aka CC File Transfer 3.6, by sending a crafted HTTP request, it is possible for a malicious user to remotely crash the affected software. No authentication is required. An example payload is a malformed request header with many '|' characters. NOTE: some sources use this ID f...

7.5CVSS5.8AI score0.02268EPSS
Exploits5References1
attackerkb
attackerkb
added 2017/08/21 7:29 a.m.2 views

CVE-2017-12784

In Youngzsoft CCFile aka CC File Transfer 3.6, by sending a crafted HTTP request, it is possible for a malicious user to remotely crash the affected software. No authentication is required. An example payload is a malformed request header with many '|' characters. NOTE: some sources use this ID f...

10CVSS5.6AI score0.24603EPSS
Exploits5References2
prion
prion
added 2017/08/21 7:29 a.m.14 views

Design/Logic Flaw

In Youngzsoft CCFile aka CC File Transfer 3.6, by sending a crafted HTTP request, it is possible for a malicious user to remotely crash the affected software. No authentication is required. An example payload is a malformed request header with many '|' characters. NOTE: some sources use this ID f...

5CVSS8.4AI score0.24603EPSS
Exploits5References1Affected Software1
cvelist
cvelist
added 2017/08/21 7:0 a.m.22 views

CVE-2017-12784

In Youngzsoft CCFile aka CC File Transfer 3.6, by sending a crafted HTTP request, it is possible for a malicious user to remotely crash the affected software. No authentication is required. An example payload is a malformed request header with many '|' characters. NOTE: some sources use this ID f...

8.6AI score0.02268EPSS
Exploits5References1
Rows per page
Query Builder