Vulnerability Details CVE-2004-1118
Buffer overflow in the WodFtpDLX.ocx (WeOnlyDo!) ActiveX component before 2.3.2.97, as used by CoffeeCup Direct FTP 6.2.0.62 and CoffeeCup Free FTP 3.0.0.10, and possibly other applications, allows remote attackers to execute arbitrary code via a long filename.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.126
EPSS Ranking 93.6%
CVSS Severity
CVSS v2 Score 10.0
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029243.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029244.html
- http://marc.info/?l=bugtraq&m=110114233323417&w=2
- http://www.securityfocus.com/bid/11721
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18190
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029243.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029244.html
- http://marc.info/?l=bugtraq&m=110114233323417&w=2
- http://www.securityfocus.com/bid/11721
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18190
Products affected by CVE-2004-1118
-
cpe:2.3:a:weonlydo:wodftpdlx_activex_component:*
-
cpe:2.3:a:weonlydo:wodftpdlx_activex_component:2.1.1_8