CVSS: 7.8EPSS: 3%CPEs: 4EXPL: 1CVE-2019-9896
https://notcve.org/view.php?id=CVE-2019-9896
21 Mar 2019 — In PuTTY versions before 0.71 on Windows, local attackers could hijack the application by putting a malicious help file in the same directory as the executable. En PuTTY, en versiones anteriores a la 0.71 en Windows, los atacantes locales podrían secuestrar la aplicación colocando un archivo de ayuda malicioso en el mismo directorio que el ejecutable. • https://github.com/yasinyilmaz/vuln-chm-hijack • CWE-427: Uncontrolled Search Path Element •
CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2019-9895 – Debian Security Advisory 4423-1
https://notcve.org/view.php?id=CVE-2019-9895
21 Mar 2019 — In PuTTY versions before 0.71 on Unix, a remotely triggerable buffer overflow exists in any kind of server-to-client forwarding. En PuTTY, en versiones anteriores a la 0.71 en Unix, existe un desbordamiento de búfer desencadenable remotamente en cualquier tipo de redirección servidor-a-cliente. Multiple vulnerabilities were found in the PuTTY SSH client, which could result in denial of service and potentially the execution of arbitrary code. In addition, in some situations random numbers could potentially b... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2019-9894 – Debian Security Advisory 4423-1
https://notcve.org/view.php?id=CVE-2019-9894
21 Mar 2019 — A remotely triggerable memory overwrite in RSA key exchange in PuTTY before 0.71 can occur before host key verification. Puede ocurrir una sobrescritura de memoria desencadenable remotamente en el intercambio de claves RSA en PuTTY, en versiones anteriores a la 0.71, antes de la verificación de claves del host. Multiple vulnerabilities were found in the PuTTY SSH client, which could result in denial of service and potentially the execution of arbitrary code. In addition, in some situations random numbers co... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html • CWE-320: Key Management Errors •
CVSS: 9.8EPSS: 1%CPEs: 20EXPL: 0CVE-2013-4206 – Gentoo Linux Security Advisory 201309-08
https://notcve.org/view.php?id=CVE-2013-4206
12 Aug 2013 — Heap-based buffer underflow in the modmul function in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) and possibly trigger memory corruption or code execution via a crafted DSA signature, which is not properly handled when performing certain bit-shifting operations during modular multiplication. Desbordamiento de búfer basado en memoria dinámica en la función modmul en sshbn.c en PuTTY 0.62 y anteriores, permite a servidores SSH remotos provocar una denegación de ... • http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 20EXPL: 0CVE-2013-4207 – Gentoo Linux Security Advisory 201309-08
https://notcve.org/view.php?id=CVE-2013-4207
12 Aug 2013 — Buffer overflow in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) via an invalid DSA signature that is not properly handled during computation of a modular inverse and triggers the overflow during a division by zero by the bignum functionality, a different vulnerability than CVE-2013-4206. Desbordamiento de búfer en PuTTY 0.62 y anteriores, permite a servidores SSH remotos provocar una denegación de servicio (caída) a través de una firma DSA no válida que no es m... • http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 57EXPL: 0CVE-2013-4852 – PuTTY 0.62 Heap Overflow
https://notcve.org/view.php?id=CVE-2013-4852
06 Aug 2013 — Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service (crash) and possibly execute arbitrary code in certain applications that use PuTTY via a negative size value in an RSA key signature during the SSH handshake, which triggers a heap-based buffer overflow. Desbordamiento de entero en PuTTY 0.62 y anteriores, WinSCP anterior a 5.1.6, y otros productos que usan PuTTY, permite a servidores SSH remotos provocar ... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718779 • CWE-189: Numeric Errors •