Vulnerabilities > CVE-2011-3991 - Unspecified vulnerability in Ffftp 1.98

CVSS 9.3 - CRITICAL

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

ffftp

critical

NVD

Published: 2011-11-04

Updated: 2017-08-29

Summary

Untrusted search path vulnerability in FFFTP 1.98a and earlier allows local users to execute arbitrary code via unspecified functions. Per: http://cwe.mitre.org/data/definitions/426.html 'CWE-426: Untrusted Search Path'

Vulnerable Configurations

Part	Description	Count
Application	Ffftp Ffftp Ffftp 1.98	2

References

http://jvn.jp/en/jp/JVN62336482/index.html
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-000091.html
http://secunia.com/advisories/46649
http://sourceforge.jp/projects/ffftp/wiki/Security
http://www.securityfocus.com/bid/50412
https://exchange.xforce.ibmcloud.com/vulnerabilities/71020