Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4992

Overview

Vulnerability Score 9.0 9.0
CVE Id CVE-2012-4992
Last Modified 20 Sep 2012 11:07:57
Published 19 Sep 2012 03:55:07
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2012-4992

Summary

Multiple buffer overflows in FlashFXP.exe in FlashFXP 4.2 allow remote authenticated users to execute arbitrary code via a long unicode string to (1) TListbox or (2) TComboBox.

Vulnerable Systems

Application

  • Flashfxp 4.2


References

XF - flashfxp-tlistbox-bo(73626)

MISC - http://www.vulnerability-lab.com/get_content.php?id=462

BID - 52259

CONFIRM - http://www.flashfxp.com/forum/news/15473-flashfxp-4-2-released.html#post81101

EXPLOIT-DB - 18555

FULLDISC - 20120301 lashFXP v4.1.8.1701 - Buffer Overflow Vulnerability

OSVDB - 79767

BUGTRAQ - 20120301 [Suspected Spam] FlashFXP v4.1.8.1701 - Buffer Overflow Vulnerability


Last Updated: 27 May 2016 11:00:44