CVE-2007-0315
FileZilla < 2.2.30 - Remote Code Execution via Buffer Overflow in Options and Queue Control
Title source: llmDescription
Multiple buffer overflows in FileZilla before 2.2.30a allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors related to (1) Options.cpp when storing settings in the registry, and (2) the transfer queue (QueueCtrl.cpp). NOTE: some of these details are obtained from third party information.
References (4)
Core 4
Core References
Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/22057
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/31500
Patch x_refsource_confirm
http://sourceforge.net/project/shownotes.php?release_id=475423&group_id=21558
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/0183
Scores
EPSS
0.0397
EPSS Percentile
89.3%
Details
CWE
CWE-119
Status
published
Products (14)
filezilla/filezilla
0.9.20
filezilla/filezilla
0.9.21
filezilla/filezilla
0.9.22
filezilla/filezilla
2.2.15
filezilla/filezilla
2.2.22
filezilla/filezilla
2.2.23
filezilla/filezilla
2.2.24
filezilla/filezilla
2.2.25
filezilla/filezilla
2.2.26
filezilla/filezilla
2.2.26a
... and 4 more
Published
Jan 18, 2007
Tracked Since
Feb 18, 2026