CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-0448

Format string vulnerability in the log function for jftpgw 0.13.4 and earlier allows remote authenticated users to execute arbitrary code via format string specifiers in certain syslog messages.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.025

EPSS Ranking 84.6%

CVSS Severity

CVSS v2 Score 10.0

References

http://www.debian.org/security/2004/dsa-510
http://www.securityfocus.com/bid/10438
https://exchange.xforce.ibmcloud.com/vulnerabilities/16271
http://www.debian.org/security/2004/dsa-510
http://www.securityfocus.com/bid/10438
https://exchange.xforce.ibmcloud.com/vulnerabilities/16271

Products affected by CVE-2004-0448

Jftpgw » Jftpgw » Version: 0.13

cpe:2.3:a:jftpgw:jftpgw:0.13
Jftpgw » Jftpgw » Version: 0.13.1

cpe:2.3:a:jftpgw:jftpgw:0.13.1
Jftpgw » Jftpgw » Version: 0.13.2

cpe:2.3:a:jftpgw:jftpgw:0.13.2
Jftpgw » Jftpgw » Version: 0.13.3

cpe:2.3:a:jftpgw:jftpgw:0.13.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-0448

Products

Pricing

Contact Us