CVE-2011-4266
Published Dec 13, 2011
Last updated 13 years ago
Overview
- Description
- Untrusted search path vulnerability in FFFTP before 1.98d allows local users to gain privileges via a Trojan horse executable file in a directory that is accessed for reading an extensionless file, as demonstrated by executing the README.exe file when a user attempts to access the README file, a different vulnerability than CVE-2011-3991.
- Source
- vultures@jpcert.or.jp
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Evaluator
- Comment
- Per: http://cwe.mitre.org/data/definitions/426.html 'CWE-426: Untrusted Search Path'
- Impact
- -
- Solution
- -
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ffftp:ffftp:*:c:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AA24ED59-5993-4ECE-B229-A1EFE66E38A5",
"versionEndIncluding": "1.98"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.79a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6079BDCD-8456-4EC4-A26B-D47D2C6BA538"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.80:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E21A59EC-4B60-4D1F-9133-1C1597928E7B"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.81:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5818E00B-7695-4141-ADF9-211BA8827523"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.82:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "89C6775E-2630-4DC0-B1C3-AFAE3EDEC076"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.83:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F01DC780-E509-4A5A-AD11-8FBA4D1EEA00"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.84:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F1F1232E-4E50-4A09-A016-A831E7817FE4"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.85:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6187A8B8-26D3-44F0-9C7F-420EF14258F2"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.86:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EE5AB09B-FC1A-4DB2-8154-3A00510CAC02"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.86a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "66453CFD-9598-4D52-B354-957620F41E2A"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.87:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7DF5207D-1873-493F-884D-C8275CA769FE"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.87a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B237E67E-A7D3-4F70-98DB-70D5276D7290"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.88:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "80C23BA7-07B7-4243-B2AC-70B9368F36C2"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.88a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5B6DAA2D-A411-41F8-8375-518CC8055823"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.88b:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "85DF6151-83F8-4DCE-A7FC-D972016BB6A1"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.89:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "220F57C1-1FCF-474A-AF76-3503927E813C"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.89a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A7EC8554-8AC6-48A4-80C4-604204A26726"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.89b:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "14534B40-97E2-4857-A6E1-01070D3E230C"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.90:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0B78E33E-0729-4927-B78A-0A89F2964EF8"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.91:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8402D8F5-79C7-4D17-9DE2-E80F94F9F790"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.92:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "54ECEDAB-833B-4481-9905-9513725FC302"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.92a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "33C73FEA-0FB5-479C-9039-040EAAAAA6FE"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.92b:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F858E6C3-7750-4AF3-93E7-3666236F17D7"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.92c:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9BE4515E-5C99-46C5-A2C3-2C830236C1B8"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.93:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7E421601-9519-4C61-ABE1-E9B20E2DCB6F"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.94:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "304495C5-E758-4B24-9D8D-A0F843F950D7"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.94a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5A755088-E8D9-47F5-953A-C931372C218C"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.95:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "11E6A50D-36DD-4F67-BB5B-AA8B50E08A2C"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.96:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "230A3300-1D94-42A1-B764-5AAC46F57EFF"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.96a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C35F98C7-B232-4E78-96D3-1DB6CB56B684"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.96b:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "53DE04E1-A41D-4A94-A623-C71CC686AD30"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.96c:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E36AFA55-CA09-48CB-9C63-B044E0958721"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.96d:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "19F29921-D221-4E5E-8BB9-02204AFC22DB"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.97:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9EA3E7B0-BB36-4344-A417-50B1CCEBD647"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.97a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6E9E2C57-A449-4552-AE19-063318CACC5F"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.97b:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7230DBF0-E056-4A33-B4F3-204619B4EFCD"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.98:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5CCE2380-5891-4294-87A2-4AACE8434EC2"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.98:a:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0DEB0A8D-3A14-41E6-B873-C2E2C97F81FE"
},
{
"criteria": "cpe:2.3:a:ffftp:ffftp:1.98:b:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0EC5E7F4-E490-4E37-BFDE-8DA183E75286"
}
],
"operator": "OR"
}
]
}
]