Vulnerabilities > CVE-2007-0020 - Remote Heap Overflow vulnerability in Transmit 3
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Heap-based buffer overflow in the SFTP protocol handler for Panic Transmit (Transmit.app) up to 3.5.5 allows remote attackers to execute arbitrary code via a long ftps:// URL.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | Transmit.app <= 3.5.5 ftps:// URL Handler Heap Buffer Overflow PoC. CVE-2007-0020. Dos exploit for osx platform |
| file | exploits/osx/dos/3160.html |
| id | EDB-ID:3160 |
| last seen | 2016-01-31 |
| modified | 2007-01-20 |
| platform | osx |
| port | |
| published | 2007-01-20 |
| reporter | MoAB |
| source | https://www.exploit-db.com/download/3160/ |
| title | Transmit.app <= 3.5.5 ftps:// URL Handler Heap Buffer Overflow PoC |
| type | dos |
References
- http://osvdb.org/32694
- http://projects.info-pull.com/moab/MOAB-19-01-2007.html
- http://secunia.com/advisories/23861
- http://www.securityfocus.com/bid/22145
- http://www.vupen.com/english/advisories/2007/0273
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31673
- https://www.exploit-db.com/exploits/3160