CVE-2012-0315
published 2012-02-22CVE-2012-0315: Untrusted search path vulnerability in ALFTP before 5.31 allows local users to gain privileges via a Trojan horse executable file in a directory that is…
PriorityP340critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
2.21%
80.3th percentile
Untrusted search path vulnerability in ALFTP before 5.31 allows local users to gain privileges via a Trojan horse executable file in a directory that is accessed for reading an extensionless file, as demonstrated by executing the README.exe file when a user attempts to access the README file.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| estsoft | alftp | <= 5.1 | — |
| estsoft | alftp | — | — |
| estsoft | alftp | — | — |
| estsoft | alftp | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://jvn.jp/en/jp/JVN85695061/995223/index.htmlhttp://jvn.jp/en/jp/JVN85695061/index.htmlhttp://jvndb.jvn.jp/jvndb/JVNDB-2012-000011http://www.altools.jp/ETC/NEWS.aspx?mid=231&vidx=118http://www.altools.jp/download.aspxhttp://jvn.jp/en/jp/JVN85695061/995223/index.htmlhttp://jvn.jp/en/jp/JVN85695061/index.htmlhttp://jvndb.jvn.jp/jvndb/JVNDB-2012-000011http://www.altools.jp/ETC/NEWS.aspx?mid=231&vidx=118http://www.altools.jp/download.aspx
2012-02-22
Published