Vulnerability Details CVE-2011-4266
Untrusted search path vulnerability in FFFTP before 1.98d allows local users to gain privileges via a Trojan horse executable file in a directory that is accessed for reading an extensionless file, as demonstrated by executing the README.exe file when a user attempts to access the README file, a different vulnerability than CVE-2011-3991.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 61.6%
CVSS Severity
CVSS v2 Score 9.3
References
Products affected by CVE-2011-4266
-
cpe:2.3:a:ffftp:ffftp:1.79a
-
cpe:2.3:a:ffftp:ffftp:1.80
-
cpe:2.3:a:ffftp:ffftp:1.81
-
cpe:2.3:a:ffftp:ffftp:1.82
-
cpe:2.3:a:ffftp:ffftp:1.83
-
cpe:2.3:a:ffftp:ffftp:1.84
-
cpe:2.3:a:ffftp:ffftp:1.85
-
cpe:2.3:a:ffftp:ffftp:1.86
-
cpe:2.3:a:ffftp:ffftp:1.86a
-
cpe:2.3:a:ffftp:ffftp:1.87
-
cpe:2.3:a:ffftp:ffftp:1.87a
-
cpe:2.3:a:ffftp:ffftp:1.88
-
cpe:2.3:a:ffftp:ffftp:1.88a
-
cpe:2.3:a:ffftp:ffftp:1.88b
-
cpe:2.3:a:ffftp:ffftp:1.89
-
cpe:2.3:a:ffftp:ffftp:1.89a
-
cpe:2.3:a:ffftp:ffftp:1.89b
-
cpe:2.3:a:ffftp:ffftp:1.90
-
cpe:2.3:a:ffftp:ffftp:1.91
-
cpe:2.3:a:ffftp:ffftp:1.92
-
cpe:2.3:a:ffftp:ffftp:1.92a
-
cpe:2.3:a:ffftp:ffftp:1.92b
-
cpe:2.3:a:ffftp:ffftp:1.92c
-
cpe:2.3:a:ffftp:ffftp:1.93
-
cpe:2.3:a:ffftp:ffftp:1.94
-
cpe:2.3:a:ffftp:ffftp:1.94a
-
cpe:2.3:a:ffftp:ffftp:1.95
-
cpe:2.3:a:ffftp:ffftp:1.96
-
cpe:2.3:a:ffftp:ffftp:1.96a
-
cpe:2.3:a:ffftp:ffftp:1.96b
-
cpe:2.3:a:ffftp:ffftp:1.96c
-
cpe:2.3:a:ffftp:ffftp:1.96d
-
cpe:2.3:a:ffftp:ffftp:1.97
-
cpe:2.3:a:ffftp:ffftp:1.97a
-
cpe:2.3:a:ffftp:ffftp:1.97b
-
cpe:2.3:a:ffftp:ffftp:1.98