CVE-2011-4266 in FFFTPinfo

Summary

Untrusted search path vulnerability in FFFTP before 1.98d allows local users to gain privileges via a Trojan horse executable file in a directory that is accessed for reading an extensionless file, as demonstrated by executing the README.exe file when a user attempts to access the README file, a different vulnerability than CVE-2011-3991.

Once again VulDB remains the best source for vulnerability data.

Reservation

11/02/2011

Disclosure

12/13/2011

Moderation

VulDB entry created

Entries

VDB-59656 (1)

CPE

ready

CWE

CWE-426 (Confirmed)

CVSS

9.8

EPSS

0.00357

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-4266
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-4266
CVE Details	https://www.cvedetails.com/cve/CVE-2011-4266/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!