Untrusted search path vulnerability in FFFTP 1.98a and earlier allows local users to execute arbitrary code via unspecified functions.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| ffftp | ffftp | * |
| ffftp | ffftp | 1.98 |
Untrusted search path vulnerability in FFFTP before 1.98d allows local users to gain privileges via a Trojan horse executable file in a directory that is accessed for reading an extensionless file, as demonstrated by executing the README.exe file when a user attempts to access the README file, a different vulnerability than CVE-2011-3991.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| ffftp | ffftp | 1.96a |
| ffftp | ffftp | 1.86 |
| ffftp | ffftp | 1.96 |
| ffftp | ffftp | 1.81 |
| ffftp | ffftp | 1.87a |
| ffftp | ffftp | 1.86a |
| ffftp | ffftp | 1.90 |
| ffftp | ffftp | 1.89a |
| ffftp | ffftp | 1.85 |
| ffftp | ffftp | 1.92b |
| ffftp | ffftp | 1.94 |
| ffftp | ffftp | 1.79a |
| ffftp | ffftp | * |
| ffftp | ffftp | 1.91 |
| ffftp | ffftp | 1.92c |
| ffftp | ffftp | 1.98 |
| ffftp | ffftp | 1.97b |
| ffftp | ffftp | 1.97a |
| ffftp | ffftp | 1.95 |
| ffftp | ffftp | 1.93 |
| ffftp | ffftp | 1.96c |
| ffftp | ffftp | 1.89b |
| ffftp | ffftp | 1.89 |
| ffftp | ffftp | 1.84 |
| ffftp | ffftp | 1.88a |
| ffftp | ffftp | 1.88b |
| ffftp | ffftp | 1.88 |
| ffftp | ffftp | 1.87 |
| ffftp | ffftp | 1.92 |
| ffftp | ffftp | 1.96b |
| ffftp | ffftp | 1.82 |
| ffftp | ffftp | 1.83 |
| ffftp | ffftp | 1.80 |
| ffftp | ffftp | 1.92a |
| ffftp | ffftp | 1.96d |
| ffftp | ffftp | 1.94a |
| ffftp | ffftp | 1.97 |