CVE-2014-0603

The issue is Attachmate Reflection FTP Client’s rftpcom.dll ActiveX control (GetGlobalSettings, GetSiteProperties3) causing memory corruption leading to remote code execution. CVE-2014-0603 details: memory corruption with execution of arbitrary code via those methods on affected builds before 14....

CVE-2014-0604

CVE-2014-0604 is a directory traversal vulnerability in the Attachmate Reflection FTP Client’s rftpcom.dll ActiveX control (and Attachmate Reflection Secure FTP Client per ZDI) that allows remote code execution via the StartLog method. The flaw exists before version 14.1.429. Exploitation details...

CVE-2014-0605

The connected advisories confirm CVE-2014-0605 affects Attachmate Reflection FTP Client (rftpcom.dll ActiveX) with a directory traversal flaw in the SaveSettings method that enables remote code execution. Affected software includes versions prior to 14.1.429; ZDI notes exploitation requires user ...

CVE-2014-5211

CVE-2014-5211 affects Attachmate Reflection FTP Client prior to 14.1.433. It is a stack-based buffer overflow caused by insufficient boundary checking when processing the PWD command response, allowing remote code execution in the context of the current user. Exploitation involves a crafted large...