Vulnerability Description
Format string vulnerability in the LogMessage function in FileZilla before 3.0.0-beta5 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted arguments. NOTE: some of these details are obtained from third party information.
CVSS Score
7.5 (HIGH)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| FileZilla | FileZilla | <= 3.0.0_beta4 |
References
- http://sourceforge.net/project/shownotes.php?release_id=477793&group_id=21558 (Patch)
- http://www.securityfocus.com/bid/22063 (Patch)
- http://www.vupen.com/english/advisories/2007/0182
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31497
FAQ
What is CVE-2007-0317?
CVE-2007-0317 is a vulnerability with a CVSS score of 7.5 (HIGH). Format string vulnerability in the LogMessage function in FileZilla before 3.0.0-beta5 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via ...
How severe is CVE-2007-0317?
CVE-2007-0317 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2007-0317?
Check the references section above for vendor advisories and patch information. Affected products include: FileZilla FileZilla.