Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service (crash) and possibly execute arbitrary code in certain applications that use PuTTY via a negative size value in an RSA key signature during the SSH handshake, which triggers a heap-based buffer overflow.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Winscp | Winscp | * | 5.1.5 (including) |
Winscp | Winscp | 3.7.6 (including) | 3.7.6 (including) |
Winscp | Winscp | 3.8.2 (including) | 3.8.2 (including) |
Winscp | Winscp | 3.8_beta (including) | 3.8_beta (including) |
Winscp | Winscp | 4.0.4 (including) | 4.0.4 (including) |
Winscp | Winscp | 4.0.5 (including) | 4.0.5 (including) |
Winscp | Winscp | 4.2.6 (including) | 4.2.6 (including) |
Winscp | Winscp | 4.2.7 (including) | 4.2.7 (including) |
Winscp | Winscp | 4.2.8 (including) | 4.2.8 (including) |
Winscp | Winscp | 4.2.9 (including) | 4.2.9 (including) |
Winscp | Winscp | 4.3.2 (including) | 4.3.2 (including) |
Winscp | Winscp | 4.3.4 (including) | 4.3.4 (including) |
Winscp | Winscp | 4.3.5 (including) | 4.3.5 (including) |
Winscp | Winscp | 4.3.6 (including) | 4.3.6 (including) |
Winscp | Winscp | 4.3.7 (including) | 4.3.7 (including) |
Winscp | Winscp | 4.3.8 (including) | 4.3.8 (including) |
Winscp | Winscp | 4.3.9 (including) | 4.3.9 (including) |
Winscp | Winscp | 4.4.0 (including) | 4.4.0 (including) |
Winscp | Winscp | 5.0-beta (including) | 5.0-beta (including) |
Winscp | Winscp | 5.0.1-beta (including) | 5.0.1-beta (including) |
Winscp | Winscp | 5.0.2-beta (including) | 5.0.2-beta (including) |
Winscp | Winscp | 5.0.3-beta (including) | 5.0.3-beta (including) |
Winscp | Winscp | 5.0.4-beta (including) | 5.0.4-beta (including) |
Winscp | Winscp | 5.0.5-beta (including) | 5.0.5-beta (including) |
Winscp | Winscp | 5.0.6-beta (including) | 5.0.6-beta (including) |
Winscp | Winscp | 5.0.7-beta (including) | 5.0.7-beta (including) |
Winscp | Winscp | 5.0.8-rc (including) | 5.0.8-rc (including) |
Winscp | Winscp | 5.0.9-rc (including) | 5.0.9-rc (including) |
Winscp | Winscp | 5.1 (including) | 5.1 (including) |
Winscp | Winscp | 5.1.1 (including) | 5.1.1 (including) |
Winscp | Winscp | 5.1.2 (including) | 5.1.2 (including) |
Winscp | Winscp | 5.1.3 (including) | 5.1.3 (including) |
Winscp | Winscp | 5.1.4 (including) | 5.1.4 (including) |