CVE-2014-1215

HIGH

Core FTP Server < 1.2 - Buffer Overflow via Config File and Registry Handling

Title source: llm
STIX 2.1

Description

Multiple buffer overflows in Core FTP Server before 1.2 build 508 allow local users to gain privileges via vectors related to reading data from config.dat and Windows Registry.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/531144/100/0/threaded

Scores

CVSS v3 7.8
EPSS 0.0037
EPSS Percentile 29.3%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-119
Status published
Products (1)
coreftp/core_ftp < 1.2
Published Mar 20, 2018
Tracked Since Feb 18, 2026