CVE-2011-5012 Information
Description
Heap-based buffer overflow in the Reflection FTP Client (rftpcom.dll 7.2.0.106 and possibly other versions) as used in Attachmate Reflection 2008 Reflection 2011 R1 before 15.3.2.569 and R1 SP1 before Reflection 2011 R2 before 15.4.1.327 Reflection Windows Client 7.2 SP1 before hotfix 7.2.1186 and Reflection 14.1 SP1 before 14.1.1.206 allows remote FTP servers to execute arbitrary code via a long directory name in a response to a LIST command.
Reference
http://secunia.com/advisories/46879 http://support.attachmate.com/techdocs/1708.html http://support.attachmate.com/techdocs/2288.html http://support.attachmate.com/techdocs/2502.html http://www.exploit-db.com/exploits/18119 http://www.osvdb.org/77189 http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=29&Itemid=29 http://www.securitytracker.com/id?1026340 https://exchange.xforce.ibmcloud.com/vulnerabilities/71330
Share on: