CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2007-2318
https://notcve.org/view.php?id=CVE-2007-2318
26 Apr 2007 — Multiple format string vulnerabilities in FileZilla before 2.2.32 allow remote attackers to execute arbitrary code via format string specifiers in (1) FTP server responses or (2) data sent by an FTP server. NOTE: some of these details are obtained from third party information. Múltiples vulnerabilidades de formato de cadena en FileZilla versiones anteriores a 2.2.32 permiten a atacantes remotos ejecutar código de su elección mediante especificadores de formato de cadena en (1) Repuestas de servidor FTP ó (2... • http://osvdb.org/34436 •
CVSS: 9.8EPSS: 3%CPEs: 14EXPL: 0CVE-2007-0315
https://notcve.org/view.php?id=CVE-2007-0315
18 Jan 2007 — Multiple buffer overflows in FileZilla before 2.2.30a allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors related to (1) Options.cpp when storing settings in the registry, and (2) the transfer queue (QueueCtrl.cpp). NOTE: some of these details are obtained from third party information. Múltiples desbordamientos de búfer en FileZilla versiones anteriores a 2.2.30a, permiten a atacantes remotos ejecutar código arbitrario o causar una denega... • http://sourceforge.net/project/shownotes.php?release_id=475423&group_id=21558 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 2%CPEs: 3EXPL: 0CVE-2007-0317
https://notcve.org/view.php?id=CVE-2007-0317
18 Jan 2007 — Format string vulnerability in the LogMessage function in FileZilla before 3.0.0-beta5 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted arguments. NOTE: some of these details are obtained from third party information. Vulnerabilidad en el formato de cadena en la función LogMessage en el FileZilla anterior a 3.0.0-beta5 permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) y posiblemente ejecutar código... • http://sourceforge.net/project/shownotes.php?release_id=477793&group_id=21558 •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 2CVE-2006-6564 – FileZilla FTP Server 0.9.20b/0.9.21 - 'STOR' Denial of Service
https://notcve.org/view.php?id=CVE-2006-6564
15 Dec 2006 — FileZilla Server before 0.9.22 allows remote attackers to cause a denial of service (crash) via a malformed argument to the STOR command, which results in a NULL pointer dereference. NOTE: CVE analysis suggests that the problem might be due to a malformed PORT command. FileZilla Server anterior 0.9.22 permite a un atacante remoto provocar denegación de servicio (caida) a través de un argumento mal formado para el comando STOR, lo cual resulta en un puntero NULL no referenciado. NOTA: El análisis del CVE sug... • https://www.exploit-db.com/exploits/2901 •
CVSS: 9.8EPSS: 1%CPEs: 3EXPL: 0CVE-2006-2403
https://notcve.org/view.php?id=CVE-2006-2403
16 May 2006 — Buffer overflow in FileZilla before 2.2.23 allows remote attackers to execute arbitrary commands via unknown attack vectors. • http://secunia.com/advisories/20086 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 2CVE-2005-2898 – FileZilla 2.2.15 - FTP Client Hard-Coded Cipher Key
https://notcve.org/view.php?id=CVE-2005-2898
14 Sep 2005 — NOTE: this issue has been disputed by the vendor. FileZilla 2.2.14b and 2.2.15, and possibly earlier versions, when "Use secure mode" is disabled, uses a weak encryption scheme to store the user's password in the configuration settings file, which allows local users to obtain sensitive information. NOTE: the vendor has disputed the issue, stating that "the problem is not a vulnerability at all, but in fact a fundamental issue of every single program that can store passwords transparently. • https://www.exploit-db.com/exploits/26220 •