Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
10
CVSSv2

CVE-2011-5012

Published: 25/12/2011 Updated: 29/08/2017
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Reflection 2011r1

Vulnerability Summary

Heap-based buffer overflow in the Reflection FTP Client (rftpcom.dll 7.2.0.106 and possibly other versions), as used in Attachmate Reflection 2008, Reflection 2011 R1 prior to 15.3.2.569 and R1 SP1 before, Reflection 2011 R2 prior to 15.4.1.327, Reflection Windows Client 7.2 SP1 before hotfix 7.2.1186, and Reflection 14.1 SP1 prior to 14.1.1.206, allows remote FTP servers to execute arbitrary code via a long directory name in a response to a LIST command.

Vulnerable Product Search on Vulmon Subscribe to Product

attachmate reflection 2011r1

attachmate reflection 2008r1 sp1

attachmate reflection 2008r2

attachmate reflection 14.1

attachmate reflection 7.2

attachmate reflection 2008

Exploits

Exploit DB: Attachmate Reflection FTP Client - Heap Overflow
##################################################################################### Application: Attachmate Reflection FTP Client Heap Overflow Platforms: Windows Exploitation: Remote code execution CVE Number: {PRL}: 2011-09 Author: Francis Provencher (Protek Research Lab's) Website: wwwprotekresearchlabcom/ Twitter: @Pr ...

References

CWE-119http://secunia.com/advisories/46879http://www.exploit-db.com/exploits/18119http://support.attachmate.com/techdocs/1708.htmlhttp://www.osvdb.org/77189http://support.attachmate.com/techdocs/2288.htmlhttp://www.securitytracker.com/id?1026340http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=29&Itemid=29http://support.attachmate.com/techdocs/2502.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/71330https://nvd.nist.govhttps://www.exploit-db.com/exploits/18119/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race conditionCVE-2024-4249CVE-2024-4244CVE-2023-20198TCPCVE-2022-48648CVE-2022-48636CVE-2024-21345SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook