1. Home
  2. CVE Database
  3. CVE-2011-5012
HIGH · 10.0

CVE-2011-5012

Heap-based buffer overflow in the Reflection FTP Client (rftpcom.dll 7.2.0.106 and possibly other versions), as used in Attachmate Reflection 2008, Reflection 2011 R1 before 15.3.2.569 and R1 SP1 befo...

Vulnerability Description

Heap-based buffer overflow in the Reflection FTP Client (rftpcom.dll 7.2.0.106 and possibly other versions), as used in Attachmate Reflection 2008, Reflection 2011 R1 before 15.3.2.569 and R1 SP1 before, Reflection 2011 R2 before 15.4.1.327, Reflection Windows Client 7.2 SP1 before hotfix 7.2.1186, and Reflection 14.1 SP1 before 14.1.1.206, allows remote FTP servers to execute arbitrary code via a long directory name in a response to a LIST command.

CVSS Score

10.0

HIGH

AV:N/AC:L/Au:N/C:C/I:C/A:C
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE

Affected Products

VendorProductVersions
AttachmateReflection7.2
AttachmateReflection 2008All versions
AttachmateReflection 2008R1sp1
AttachmateReflection 2008R2All versions
AttachmateReflection 2011R1All versions

Related Weaknesses (CWE)

CWE-119

References

FAQ

What is CVE-2011-5012?

CVE-2011-5012 is a vulnerability with a CVSS score of 10.0 (HIGH). Heap-based buffer overflow in the Reflection FTP Client (rftpcom.dll 7.2.0.106 and possibly other versions), as used in Attachmate Reflection 2008, Reflection 2011 R1 before 15.3.2.569 and R1 SP1 befo...

How severe is CVE-2011-5012?

CVE-2011-5012 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2011-5012?

Check the references section above for vendor advisories and patch information. Affected products include: Attachmate Reflection, Attachmate Reflection 2008, Attachmate Reflection 2008R1, Attachmate Reflection 2008R2, Attachmate Reflection 2011R1.