Description
Multiple buffer overflows in FlashFXP.exe in FlashFXP 4.2 allow remote authenticated users to execute arbitrary code via a long unicode string to (1) TListbox or (2) TComboBox.
Exploits (1)
exploitdb
WRITEUP
by Vulnerability-Lab · textremotewindows
https://www.exploit-db.com/exploits/18555
References (8)
Core 8
Core References
Various Sources x_refsource_confirm
http://www.flashfxp.com/forum/news/15473-flashfxp-4-2-released.html#post81101
Various Sources x_refsource_misc
http://www.vulnerability-lab.com/get_content.php?id=462
Exploit exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/18555
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/79767
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/73626
Exploit mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2012-03/0002.html
Exploit mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2012/Mar/7
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/52259
Scores
EPSS
0.5252
EPSS Percentile
98.0%
Details
CWE
CWE-119
Status
published
Products (1)
flashfxp/flashfxp
4.2
Published
Sep 19, 2012
Tracked Since
Feb 18, 2026