Vulnerability Details CVE-2013-6809
Format string vulnerability in the client in Tftpd32 before 4.50 allows remote servers to cause a denial of service (crash) or possibly execute arbitrary code via format string specifiers in the Remote File field.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 74.7%
CVSS Severity
CVSS v2 Score 5.0
References
- http://osvdb.org/100511
- http://packetstormsecurity.com/files/124275/Tftpd32-Client-Side-Format-String.html
- http://seclists.org/fulldisclosure/2013/Dec/15
- https://exchange.xforce.ibmcloud.com/vulnerabilities/89455
- http://osvdb.org/100511
- http://packetstormsecurity.com/files/124275/Tftpd32-Client-Side-Format-String.html
- http://seclists.org/fulldisclosure/2013/Dec/15
- https://exchange.xforce.ibmcloud.com/vulnerabilities/89455
Products affected by CVE-2013-6809
-
cpe:2.3:a:philippe_jounin:tftpd32:1.0
-
cpe:2.3:a:philippe_jounin:tftpd32:1.1
-
cpe:2.3:a:philippe_jounin:tftpd32:2.0
-
cpe:2.3:a:philippe_jounin:tftpd32:2.1
-
cpe:2.3:a:philippe_jounin:tftpd32:2.11
-
cpe:2.3:a:philippe_jounin:tftpd32:2.2
-
cpe:2.3:a:philippe_jounin:tftpd32:2.21
-
cpe:2.3:a:philippe_jounin:tftpd32:2.51
-
cpe:2.3:a:philippe_jounin:tftpd32:2.52
-
cpe:2.3:a:philippe_jounin:tftpd32:2.53
-
cpe:2.3:a:philippe_jounin:tftpd32:2.54
-
cpe:2.3:a:philippe_jounin:tftpd32:2.60
-
cpe:2.3:a:philippe_jounin:tftpd32:2.62
-
cpe:2.3:a:philippe_jounin:tftpd32:2.70
-
cpe:2.3:a:philippe_jounin:tftpd32:2.71
-
cpe:2.3:a:philippe_jounin:tftpd32:2.72
-
cpe:2.3:a:philippe_jounin:tftpd32:2.73
-
cpe:2.3:a:philippe_jounin:tftpd32:2.74
-
cpe:2.3:a:philippe_jounin:tftpd32:2.80
-
cpe:2.3:a:philippe_jounin:tftpd32:2.81
-
cpe:2.3:a:philippe_jounin:tftpd32:2.82
-
cpe:2.3:a:philippe_jounin:tftpd32:2.83
-
cpe:2.3:a:philippe_jounin:tftpd32:2.84
-
cpe:2.3:a:philippe_jounin:tftpd32:3.00
-
cpe:2.3:a:philippe_jounin:tftpd32:3.01
-
cpe:2.3:a:philippe_jounin:tftpd32:3.02
-
cpe:2.3:a:philippe_jounin:tftpd32:3.03
-
cpe:2.3:a:philippe_jounin:tftpd32:3.10
-
cpe:2.3:a:philippe_jounin:tftpd32:3.20
-
cpe:2.3:a:philippe_jounin:tftpd32:3.22
-
cpe:2.3:a:philippe_jounin:tftpd32:3.23
-
cpe:2.3:a:philippe_jounin:tftpd32:3.26
-
cpe:2.3:a:philippe_jounin:tftpd32:3.27
-
cpe:2.3:a:philippe_jounin:tftpd32:3.28
-
cpe:2.3:a:philippe_jounin:tftpd32:3.29
-
cpe:2.3:a:philippe_jounin:tftpd32:3.31
-
cpe:2.3:a:philippe_jounin:tftpd32:3.33
-
cpe:2.3:a:philippe_jounin:tftpd32:3.34
-
cpe:2.3:a:philippe_jounin:tftpd32:3.35
-
cpe:2.3:a:philippe_jounin:tftpd32:3.50
-
cpe:2.3:a:philippe_jounin:tftpd32:3.51
-
cpe:2.3:a:philippe_jounin:tftpd32:4.00