Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiRgodZDI-14-291
HistoryAug 12, 2014 - 12:00 a.m.

Attachmate Reflection Pro FTP rftpcom15.dll GetSiteProperties3 Remote Code Execution Vulnerability

2014-08-1200:00:00
rgod
www.zerodayinitiative.com
14

0.721 High

EPSS

Percentile

98.1%

JSON

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Attachmate Reflection Pro FTP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ActiveX control’s GetSiteProperties3 method. The control suffers from an untrusted pointer dereference vulnerability because it blindly dereferences an attacker-supplied memory address. An attacker can exploit this condition to achieve code execution under the context of the browser process.

Related

checkpoint_advisories 1
zdi 1
cve 2
prion 2
nvd 2
cvelist 1
checkpoint_advisories
checkpoint_advisories
Attachmate Reflection FTP Client ActiveX GetGlobalSettings Memory Corruption (CVE-2014-0603)
2014-09-16 00:00:00
zdi
zdi
Attachmate Reflection Secure FTP Client rftpcom.dll Multiple Memory Corruption Remote Code Execution Vulnerabilities
2014-08-12 00:00:00
cve
cve
CVE-2014-0606
2015-02-06 11:59:03
CVE-2014-0603
2015-02-06 11:59:00
prion
prion
Design/Logic Flaw
2015-02-06 11:59:00
Memory corruption
2015-02-06 11:59:00
nvd
nvd
CVE-2014-0603
2015-02-06 11:59:00
CVE-2014-0606
2015-02-06 11:59:03
cvelist
cvelist
CVE-2014-0603
2015-02-06 11:00:00

0.721 High

EPSS

Percentile

98.1%

JSON
Related for ZDI-14-291
checkpoint_advisories1zdi1cve2prion2nvd2cvelist1