vendor:
LeapFTP
by:
k3170makan
7.5
CVSS
HIGH
URL Handling SEH Exploit
CWE
Product Name: LeapFTP
Affected Version From: 3.1.2000
Affected Version To: 3.1.2000
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested: Windows XP SP0 (DoS on Windows SP2, Windows 7)
2014
LeapFTP 3.1.0 URL Handling SEH Exploit
This exploit takes advantage of a vulnerability in LeapFTP version 3.1.0. By sending a specially crafted URL, an attacker can trigger a buffer overflow and execute arbitrary code.
Mitigation:
Upgrade to a patched version of LeapFTP or use an alternative FTP client.