Lucene search
K
Simon TathamPutty

7 matches found

CVE
CVE
added 2016/04/07 11:0 p.m.111 views

CVE-2016-2563

The CVE-2016-2563 issue affects PuTTY (pscp) and KiTTY, describing a stack-based buffer overflow in the SCP-SINK handling during SCP downloads. A remote attacker could cause DoS or arbitrary code execution via a crafted SCP-SINK file-size response. Affected: PuTTY older than 0.67 and KiTTY older ...

9.8CVSS9.5AI score0.34216EPSS
CVE
CVE
added 2015/03/27 2:0 p.m.108 views

CVE-2015-2157

PuTTY local memory disclosure vulnerability (CVE-2015-2157) affects PuTTY 0.51–0.63 where SSH-2 private keys are not properly wiped from memory after loading/saving, enabling local attackers to read sensitive key material. Impact is local, with partial confidentiality impact as per NVD metrics; n...

2.1CVSS5.5AI score0.00585EPSS
CVE
CVE
added 2013/08/19 11:0 p.m.97 views

CVE-2013-4852

CVE-2013-4852 describes an integer overflow in PuTTY (0.62 and earlier) and in dependent products (e.g., WinSCP

6.8CVSS7.7AI score0.03447EPSS
CVE
CVE
added 2013/08/19 11:0 p.m.87 views

CVE-2013-4207

PuTTY before 0.63 is affected by CVE-2013-4207 due to a heap-based buffer overflow in sshbn.c (modular arithmetic during DSA signature handling). The overflow can crash a remote SSH server and is triggered by an invalid DSA signature during the bignum division-by-zero path. This is distinct from ...

4.3CVSS6.5AI score0.01834EPSS
CVE
CVE
added 2013/08/19 11:0 p.m.83 views

CVE-2013-4206

PuTTY before 0.63 is affected by CVE-2013-4206 due to a heap-based buffer underflow in modmul (sshbn.c). The vulnerability allows remote SSH servers to cause a denial of service (crash) and possibly memory corruption or code execution via a crafted DSA signature, related to improper handling duri...

6.8CVSS7.3AI score0.02484EPSS
CVE
CVE
added 2015/12/07 8:0 p.m.79 views

CVE-2015-5309

PuTTY before 0.66 contains a memory‑corrupting integer overflow in handling the ECH (erase characters) escape sequence, allowing a remote attacker to cause DoS or potentially execute arbitrary code via a large parameter value. This affects PuTTY’s terminal emulator. Debian advisories (DSA-3409) a...

4.3CVSS9.8AI score0.03467EPSS
CVE
CVE
added 2013/08/19 11:0 p.m.71 views

CVE-2013-4208

CVE-2013-4208 affects PuTTY up to version 0.63 where rsa_verify mishandles sensitive memory and does not free certain structures, potentially exposing private RSA/DSA keys. Several advisories note updates that merge PuTTY fixes into downstream projects (e.g., FileZilla 3.7.3 and Fedora/OpenSUSE a...

2.1CVSS5.9AI score0.00392EPSS