CVE-2007-0315

FileZilla < 2.2.30 - Remote Code Execution via Buffer Overflow in Options and Queue Control

Title source: llm
STIX 2.1

Description

Multiple buffer overflows in FileZilla before 2.2.30a allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors related to (1) Options.cpp when storing settings in the registry, and (2) the transfer queue (QueueCtrl.cpp). NOTE: some of these details are obtained from third party information.

References (4)

Core 4
Core References
Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/22057
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/31500
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/0183

Scores

EPSS 0.0397
EPSS Percentile 89.3%

Details

CWE
CWE-119
Status published
Products (14)
filezilla/filezilla 0.9.20
filezilla/filezilla 0.9.21
filezilla/filezilla 0.9.22
filezilla/filezilla 2.2.15
filezilla/filezilla 2.2.22
filezilla/filezilla 2.2.23
filezilla/filezilla 2.2.24
filezilla/filezilla 2.2.25
filezilla/filezilla 2.2.26
filezilla/filezilla 2.2.26a
... and 4 more
Published Jan 18, 2007
Tracked Since Feb 18, 2026