CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2006-1175
https://notcve.org/view.php?id=CVE-2006-1175
The WeOnlyDo! SFTP (wodSFTP) ActiveX control is marked as safe for scripting, which allows remote attackers to read and write files in arbitrary locations by accessing the control from a web page. • http://secunia.com/advisories/20361 http://www.kb.cert.org/vuls/id/378604 http://www.securityfocus.com/bid/18192 http://www.vupen.com/english/advisories/2006/2064 https://exchange.xforce.ibmcloud.com/vulnerabilities/26752 •
CVSS: 7.5EPSS: 68%CPEs: 4EXPL: 4CVE-2006-2407 – freeFTPd 1.0.10 - Key Exchange Algorithm String Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-2407
Stack-based buffer overflow in (1) WeOnlyDo wodSSHServer ActiveX Component 1.2.7 and 1.3.3 DEMO, as used in other products including (2) FreeSSHd 1.0.9 and (3) freeFTPd 1.0.10, allows remote attackers to execute arbitrary code via a long key exchange algorithm string. Desbordamiento de búfer basado en pila en (1) WeOnlyDo wodSSHServer ActiveX Component 1.2.7 y 1.3.3 DEMO, como se usa en otros productos incluyendo (2) FreeSSHd 1.0.9 y (3) freeFTPd 1.0.10, permite a atacantes remotos ejecutar código arbitrario a través de una cadena de algoritmo de intercambio de clave larga. • https://www.exploit-db.com/exploits/16462 https://www.exploit-db.com/exploits/16461 https://www.exploit-db.com/exploits/1787 http://marc.info/?l=full-disclosure&m=114764338702488&w=2 http://secunia.com/advisories/19845 http://secunia.com/advisories/19846 http://secunia.com/advisories/20136 http://securityreason.com/securityalert/901 http://www.kb.cert.org/vuls/id/477960 http://www.osvdb.org/25463 http://www.osvdb.org/25569 http://www.securityfocus.com/archive • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 13%CPEs: 2EXPL: 3CVE-2004-1118 – wodFtpDLX Client - ActiveX Control Buffer Overflow Crash
https://notcve.org/view.php?id=CVE-2004-1118
Buffer overflow in the WodFtpDLX.ocx (WeOnlyDo!) ActiveX component before 2.3.2.97, as used by CoffeeCup Direct FTP 6.2.0.62 and CoffeeCup Free FTP 3.0.0.10, and possibly other applications, allows remote attackers to execute arbitrary code via a long filename. • https://www.exploit-db.com/exploits/649 https://www.exploit-db.com/exploits/650 http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029243.html http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029244.html http://marc.info/?l=bugtraq&m=110114233323417&w=2 http://www.securityfocus.com/bid/11721 https://exchange.xforce.ibmcloud.com/vulnerabilities/18190 •