Vulnerabilities (CVE)

Filtered by vendor Globalscape Subscribe
Filtered by product Cuteftp
Total 8 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-3483 1 Globalscape 1 Cuteftp 2024-11-21 9.3 HIGH N/A
Heap-based buffer overflow in the Create New Site feature in GlobalSCAPE CuteFTP Professional, Home, and Lite 8.3.3 and 8.3.3.0054 allows user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a site list containing an entry with a long label.
CVE-2008-2779 1 Globalscape 1 Cuteftp 2024-11-21 9.3 HIGH N/A
Directory traversal vulnerability in GlobalSCAPE CuteFTP Home 8.2.0 Build 02.26.2008.4 and CuteFTP Pro 8.2.0 Build 04.01.2008.1 allows remote FTP servers to create or overwrite arbitrary files via ..\ (dot dot backslash) sequences in responses to LIST commands, a related issue to CVE-2002-1345. NOTE: this can be leveraged for code execution by writing to a Startup folder.
CVE-2004-1136 1 Globalscape 1 Cuteftp 2024-11-20 5.0 MEDIUM N/A
Buffer overflow in CuteFTP Professional 6.0, and possibly other versions, allows remote FTP servers to cause a denial of service (application crash) via large replies to FTP commands.
CVE-2003-1261 1 Globalscape 1 Cuteftp 2024-11-20 2.1 LOW N/A
Buffer overflow in CuteFTP 5.0 and 5.0.1 allows local users to cause a denial of service (crash) by copying a long URL into a clipboard.
CVE-2003-1260 1 Globalscape 1 Cuteftp 2024-11-20 7.6 HIGH N/A
Buffer overflow in CuteFTP 5.0 allows remote attackers to execute arbitrary code via a long response to a LIST command.
CVE-2003-1259 1 Globalscape 1 Cuteftp 2024-11-20 7.5 HIGH N/A
Buffer overflow in CuteFTP 4.2 and 5.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP server banner.
CVE-2000-0084 1 Globalscape 1 Cuteftp 2024-11-20 5.0 MEDIUM N/A
CuteFTP uses weak encryption to store password information in its tree.dat file.
CVE-2024-1190 1 Globalscape 1 Cuteftp 2024-05-17 1.7 LOW 5.5 MEDIUM
A vulnerability was found in Global Scape CuteFTP 9.3.0.3 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument Host/Username/Password leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252680. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.