CVE Vulnerabilities

CVE-2012-0315

Published: Feb 22, 2012 | Modified: Nov 22, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Untrusted search path vulnerability in ALFTP before 5.31 allows local users to gain privileges via a Trojan horse executable file in a directory that is accessed for reading an extensionless file, as demonstrated by executing the README.exe file when a user attempts to access the README file.

Affected Software

Name Vendor Start Version End Version
Alftp Estsoft 4.1 4.1
Alftp Estsoft 4.1 4.1
Alftp Estsoft * 5.1
Alftp Estsoft 5.0 5.0
Alftp Estsoft 5.1 5.1
Alftp Estsoft 4.1 4.1

References