CVE-2007-0315 - Vulnerability Details - OpenCVE

ReportizFlow

Multiple buffer overflows in FileZilla before 2.2.30a allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors related to (1) Options.cpp when storing settings in the registry, and (2) the transfer queue (QueueCtrl.cpp). NOTE: some of these details are obtained from third party information.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Filezilla	Filezilla

Configuration 1 [-]

OR	cpe:2.3:a:filezilla:filezilla::::::::
	cpe:2.3:a:filezilla:filezilla:0.9.20:::::::*
	cpe:2.3:a:filezilla:filezilla:0.9.21:::::::*
	cpe:2.3:a:filezilla:filezilla:0.9.22:::::::*
	cpe:2.3:a:filezilla:filezilla:2.2.15:::::::*
	cpe:2.3:a:filezilla:filezilla:2.2.22:::::::*
	cpe:2.3:a:filezilla:filezilla:2.2.23:::::::*
	cpe:2.3:a:filezilla:filezilla:2.2.24:::::::*
	cpe:2.3:a:filezilla:filezilla:2.2.25:::::::*
	cpe:2.3:a:filezilla:filezilla:2.2.26:::::::*
	cpe:2.3:a:filezilla:filezilla:2.2.26a:::::::*
	cpe:2.3:a:filezilla:filezilla:2.2.27:::::::*
	cpe:2.3:a:filezilla:filezilla:2.2.28:::::::*
	cpe:2.3:a:filezilla:filezilla:2.2.29:::::::*

No data.

References

Link	Providers
http://sourceforge.net/project/shownotes.php?release_id=475423&group_id=21558
http://www.securityfocus.com/bid/22057
http://www.vupen.com/english/advisories/2007/0183
https://exchange.xforce.ibmcloud.com/vulnerabilities/31500

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-01-18T00:00:00

Updated: 2024-08-07T12:12:17.997Z

Reserved: 2007-01-17T00:00:00

Link: CVE-2007-0315

Vulnrichment

No data.

NVD

Status : Modified

Published: 2007-01-18T00:28:00.000

Modified: 2024-11-21T00:25:33.600

Link: CVE-2007-0315

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-01-15T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple buffer overflows in FileZilla before 2.2.30a allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors related to (1) Options.cpp when storing settings in the registry, and (2) the transfer queue (QueueCtrl.cpp). NOTE: some of these details are obtained from third party information."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "22057", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/22057"}, {"name": "filezilla-options-queuectrl-bo(31500)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31500"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://sourceforge.net/project/shownotes.php?release_id=475423&group_id=21558"}, {"name": "ADV-2007-0183", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/0183"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2007-0315", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple buffer overflows in FileZilla before 2.2.30a allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors related to (1) Options.cpp when storing settings in the registry, and (2) the transfer queue (QueueCtrl.cpp). NOTE: some of these details are obtained from third party information."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "22057", "refsource": "BID", "url": "http://www.securityfocus.com/bid/22057"}, {"name": "filezilla-options-queuectrl-bo(31500)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31500"}, {"name": "http://sourceforge.net/project/shownotes.php?release_id=475423&group_id=21558", "refsource": "CONFIRM", "url": "http://sourceforge.net/project/shownotes.php?release_id=475423&group_id=21558"}, {"name": "ADV-2007-0183", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/0183"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T12:12:17.997Z"}, "title": "CVE Program Container", "references": [{"name": "22057", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/22057"}, {"name": "filezilla-options-queuectrl-bo(31500)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31500"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://sourceforge.net/project/shownotes.php?release_id=475423&group_id=21558"}, {"name": "ADV-2007-0183", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/0183"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-0315", "datePublished": "2007-01-18T00:00:00", "dateReserved": "2007-01-17T00:00:00", "dateUpdated": "2024-08-07T12:12:17.997Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:filezilla:filezilla:*:*:*:*:*:*:*:*", "matchCriteriaId": "C67196B6-10FD-4A50-93FD-804704AE9980", "versionEndIncluding": "2.2.30", "vulnerable": true}, {"criteria": "cpe:2.3:a:filezilla:filezilla:0.9.20:*:*:*:*:*:*:*", "matchCriteriaId": "7E2B2E7B-7382-435A-927A-C741807D26F9", "vulnerable": true}, {"criteria": "cpe:2.3:a:filezilla:filezilla:0.9.21:*:*:*:*:*:*:*", "matchCriteriaId": "CAFFB48F-EA66-41BE-BC27-20246EA1F620", "vulnerable": true}, {"criteria": "cpe:2.3:a:filezilla:filezilla:0.9.22:*:*:*:*:*:*:*", "matchCriteriaId": "58C8F086-2040-4866-9010-990D2D1548CA", "vulnerable": true}, {"criteria": "cpe:2.3:a:filezilla:filezilla:2.2.15:*:*:*:*:*:*:*", "matchCriteriaId": "3AC390AF-5CEB-4201-B719-3A1132CBC05C", "vulnerable": true}, {"criteria": "cpe:2.3:a:filezilla:filezilla:2.2.22:*:*:*:*:*:*:*", "matchCriteriaId": "CAE0841F-4D10-4E4B-A9E5-3A457C42EFDF", "vulnerable": true}, {"criteria": "cpe:2.3:a:filezilla:filezilla:2.2.23:*:*:*:*:*:*:*", "matchCriteriaId": "1593910D-65A2-4909-83F9-696E3E48BB81", "vulnerable": true}, {"criteria": "cpe:2.3:a:filezilla:filezilla:2.2.24:*:*:*:*:*:*:*", "matchCriteriaId": "AD809934-E3DA-44FC-B927-11481379801A", "vulnerable": true}, {"criteria": "cpe:2.3:a:filezilla:filezilla:2.2.25:*:*:*:*:*:*:*", "matchCriteriaId": "A62BFFF0-5048-4010-8F18-FB426F1BAAB3", "vulnerable": true}, {"criteria": "cpe:2.3:a:filezilla:filezilla:2.2.26:*:*:*:*:*:*:*", "matchCriteriaId": "3E54A9FC-D5DB-423E-9512-EDF9529FD8A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:filezilla:filezilla:2.2.26a:*:*:*:*:*:*:*", "matchCriteriaId": "F5D3C4C2-AEB1-4D83-AE6F-D8F4DE2CD231", "vulnerable": true}, {"criteria": "cpe:2.3:a:filezilla:filezilla:2.2.27:*:*:*:*:*:*:*", "matchCriteriaId": "DF8D7E03-48F0-4CF5-AB02-EB57F978B01B", "vulnerable": true}, {"criteria": "cpe:2.3:a:filezilla:filezilla:2.2.28:*:*:*:*:*:*:*", "matchCriteriaId": "CE9CCE2B-A7F8-460D-8415-BBE21AF1DF75", "vulnerable": true}, {"criteria": "cpe:2.3:a:filezilla:filezilla:2.2.29:*:*:*:*:*:*:*", "matchCriteriaId": "6ECEB364-2691-4189-8504-A70009830759", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Multiple buffer overflows in FileZilla before 2.2.30a allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors related to (1) Options.cpp when storing settings in the registry, and (2) the transfer queue (QueueCtrl.cpp). NOTE: some of these details are obtained from third party information."}, {"lang": "es", "value": "M\u00faltiples desbordamientos de b\u00fafer en FileZilla versiones anteriores a 2.2.30a, permiten a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (bloqueo de aplicaci\u00f3n) por medio de vectores no especificados relacionados con (1) el archivo Options.cpp cuando se almacenan configuraciones en el registro, y (2) la cola de transferencia (QueueCtrl.cpp). NOTA: algunos de estos detalles se obtienen de informaci\u00f3n de terceros."}], "evaluatorSolution": "Failed exploit attempts may result in a application level denial-of-service condition.", "id": "CVE-2007-0315", "lastModified": "2024-11-21T00:25:33.600", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": true}]}, "published": "2007-01-18T00:28:00.000", "references": [{"source": "[email protected]", "tags": ["Patch"], "url": "http://sourceforge.net/project/shownotes.php?release_id=475423&group_id=21558"}, {"source": "[email protected]", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/22057"}, {"source": "[email protected]", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/0183"}, {"source": "[email protected]", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31500"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://sourceforge.net/project/shownotes.php?release_id=475423&group_id=21558"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/22057"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/0183"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31500"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "[email protected]", "type": "Primary"}]}