Vulnerability Details CVE-2005-3150
Format string vulnerability in the Log_Flush function in Weex 2.6.1.5, 2.6.1, and possibly other versions allows remote FTP servers to execute arbitrary code via format strings in filenames.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 77.6%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/17028
- http://secunia.com/advisories/17081
- http://secunia.com/advisories/17112
- http://www.debian.org/security/2005/dsa-855
- http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/86833
- http://www.gentoo.org/security/en/glsa/glsa-200510-09.xml
- http://www.securityfocus.com/bid/14999
- http://secunia.com/advisories/17028
- http://secunia.com/advisories/17081
- http://secunia.com/advisories/17112
- http://www.debian.org/security/2005/dsa-855
- http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/86833
- http://www.gentoo.org/security/en/glsa/glsa-200510-09.xml
- http://www.securityfocus.com/bid/14999