Integer overflow in PuTTY 0.62 and previous versions, WinSCP prior to 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service (crash) and possibly execute arbitrary code in certain applications that use PuTTY via a negative size value in an RSA key signature during the SSH handshake, which triggers a heap-based buffer overflow.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
winscp winscp 5.1.4 |
||
winscp winscp 5.1.3 |
||
winscp winscp 5.1.2 |
||
winscp winscp 5.1.1 |
||
winscp winscp 4.3.8 |
||
winscp winscp 4.3.7 |
||
winscp winscp 4.3.6 |
||
winscp winscp 3.7.6 |
||
winscp winscp 5.0.6 |
||
winscp winscp 5.0.5 |
||
winscp winscp 5.0.4 |
||
winscp winscp 5.0.3 |
||
winscp winscp 5.0.2 |
||
winscp winscp 4.2.6 |
||
winscp winscp 4.2.7 |
||
winscp winscp 4.2.8 |
||
winscp winscp 4.2.9 |
||
winscp winscp 5.0.9 |
||
winscp winscp 5.0.7 |
||
winscp winscp 5.0 |
||
winscp winscp 4.3.9 |
||
winscp winscp 3.8.2 |
||
winscp winscp 4.0.4 |
||
winscp winscp 4.3.4 |
||
winscp winscp |
||
winscp winscp 5.1 |
||
winscp winscp 5.0.8 |
||
winscp winscp 5.0.1 |
||
winscp winscp 4.4.0 |
||
winscp winscp 3.8_beta |
||
winscp winscp 4.0.5 |
||
winscp winscp 4.3.2 |
||
winscp winscp 4.3.5 |
||
debian debian linux 7.1 |
||
debian debian linux 6.0 |
||
opensuse opensuse 12.3 |
||
debian debian linux 7.0 |
||
putty putty 0.51 |
||
putty putty 0.50 |
||
putty putty 0.49 |
||
putty putty 0.48 |
||
putty putty 0.58 |
||
putty putty 0.57 |
||
putty putty 0.56 |
||
putty putty 0.55 |
||
putty putty 0.61 |
||
putty putty 0.59 |
||
putty putty 0.54 |
||
simon tatham putty 0.53 |
||
putty putty 0.46 |
||
putty putty 2010-06-01 |
||
simon tatham putty |
||
putty putty 0.60 |
||
putty putty 0.53b |
||
putty putty 0.52 |
||
putty putty 0.47 |
||
putty putty 0.45 |
Vulmon