Vulnerability Description
Multiple format string vulnerabilities in FileZilla before 2.2.32 allow remote attackers to execute arbitrary code via format string specifiers in (1) FTP server responses or (2) data sent by an FTP server. NOTE: some of these details are obtained from third party information.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Filezilla | Filezilla | <= 2.2.31 |
References
- http://osvdb.org/34436
- http://osvdb.org/34437
- http://secunia.com/advisories/24894PatchVendor Advisory
- http://sourceforge.net/project/shownotes.php?release_id=501534&group_id=21558Patch
- http://www.securityfocus.com/bid/23506Patch
- http://osvdb.org/34436
- http://osvdb.org/34437
- http://secunia.com/advisories/24894PatchVendor Advisory
- http://sourceforge.net/project/shownotes.php?release_id=501534&group_id=21558Patch
- http://www.securityfocus.com/bid/23506Patch
FAQ
What is CVE-2007-2318?
CVE-2007-2318 is a vulnerability with a CVSS score of 9.3 (HIGH). Multiple format string vulnerabilities in FileZilla before 2.2.32 allow remote attackers to execute arbitrary code via format string specifiers in (1) FTP server responses or (2) data sent by an FTP s...
How severe is CVE-2007-2318?
CVE-2007-2318 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-2318?
Check the references section above for vendor advisories and patch information. Affected products include: Filezilla Filezilla.