CVE-2020-5183 - FTPGetter Professional 5.97.0.223 is vulnerable to a memory corruption bug when a user sends a speci

CVE-2020-5183

Summary

FTPGetter Professional 5.97.0.223 is vulnerable to a memory corruption bug when a user sends a specially crafted string to the application. This memory corruption bug can possibly be classified as a NULL pointer dereference.

References

http://packetstormsecurity.com/files/155832/FTPGetter-Professional-5.97.0.223-Denial-Of-Service.html
http://packetstormsecurity.com/files/155832/FTPGetter-Professional-5.97.0.223-Denial-Of-Service.html
https://www.exploit-db.com/exploits/47871
https://www.exploit-db.com/exploits/47871

Vulnerable Configurations

cpe:2.3:a:ftpgetter:ftpgetter:5.97.0.223:*:*:*:professional:*:*:*
cpe:2.3:a:ftpgetter:ftpgetter:5.97.0.223:*:*:*:professional:*:*:*

CVSS

Base:	5.0 (as of 21-11-2024 - 05:33)
Impact:
Exploitability:

CWE

CWE-476

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:P

refmap via4

exploit-db	47871
misc	http://packetstormsecurity.com/files/155832/FTPGetter-Professional-5.97.0.223-Denial-Of-Service.html

Last major update

21-11-2024 - 05:33

Published

08-01-2020 - 18:15

Last modified

21-11-2024 - 05:33