mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
147 lines
5.6 KiB
JSON
147 lines
5.6 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2025-4160",
|
|
"ASSIGNER": "cna@vuldb.com",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "A vulnerability was found in PCMan FTP Server up to 2.0.7. It has been rated as critical. Affected by this issue is some unknown functionality of the component LS Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
|
|
},
|
|
{
|
|
"lang": "deu",
|
|
"value": "Eine kritische Schwachstelle wurde in PCMan FTP Server bis 2.0.7 ausgemacht. Dies betrifft einen unbekannten Teil der Komponente LS Command Handler. Dank Manipulation mit unbekannten Daten kann eine buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Buffer Overflow",
|
|
"cweId": "CWE-120"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Memory Corruption",
|
|
"cweId": "CWE-119"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "PCMan",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "FTP Server",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.0.0"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.0.1"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.0.2"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.0.3"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.0.4"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.0.5"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.0.6"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.0.7"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://vuldb.com/?id.306692",
|
|
"refsource": "MISC",
|
|
"name": "https://vuldb.com/?id.306692"
|
|
},
|
|
{
|
|
"url": "https://vuldb.com/?ctiid.306692",
|
|
"refsource": "MISC",
|
|
"name": "https://vuldb.com/?ctiid.306692"
|
|
},
|
|
{
|
|
"url": "https://vuldb.com/?submit.561030",
|
|
"refsource": "MISC",
|
|
"name": "https://vuldb.com/?submit.561030"
|
|
},
|
|
{
|
|
"url": "https://fitoxs.com/exploit/exploit-098f6bcd4621d373cade4e832627b4f6.txt",
|
|
"refsource": "MISC",
|
|
"name": "https://fitoxs.com/exploit/exploit-098f6bcd4621d373cade4e832627b4f6.txt"
|
|
}
|
|
]
|
|
},
|
|
"credits": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Fernando Mengali (VulDB User)"
|
|
}
|
|
],
|
|
"impact": {
|
|
"cvss": [
|
|
{
|
|
"version": "3.1",
|
|
"baseScore": 7.3,
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
|
|
"baseSeverity": "HIGH"
|
|
},
|
|
{
|
|
"version": "3.0",
|
|
"baseScore": 7.3,
|
|
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
|
|
"baseSeverity": "HIGH"
|
|
},
|
|
{
|
|
"version": "2.0",
|
|
"baseScore": 7.5,
|
|
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P"
|
|
}
|
|
]
|
|
}
|
|
} |