Multiple integer overflows in the (1) sftp_pkt_getstring and (2) fxp_readdir_recv functions in the PSFTP and PSCP clients for PuTTY 0.56, and possibly earlier versions, allow remote malicious web sites to execute arbitrary code via SFTP responses that corrupt the heap after insufficient memory has been allocated.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2005-02-21T05:00:00
Updated: 2024-08-07T21:13:54.249Z
Reserved: 2005-02-18T00:00:00
Link: CVE-2005-0467
Vulnrichment
No data.
NVD
Status : Modified
Published: 2005-02-21T05:00:00.000
Modified: 2024-11-20T23:55:11.357
Link: CVE-2005-0467
Redhat
No data.