CyberSec.Space Logo
Back to CVE Browser

CVE-2007-0338

HIGH
7.5
CVSS Severity Score
EPSS Score0.1630%
EPSS Percentile2.96th
PublishedJan 18, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

Heap-based buffer overflow in Dream FTP Server allows remote attackers to execute arbitrary code via a USER command with a large number of format string specifiers, which triggers the overflow during processing of the Server Log.

Affected Platforms (CPE)

πŸ“¦
Bolintech

Dreamftp Server

All versions

References & Advisories

πŸ”— http://osvdb.org/32816
πŸ”— http://secunia.com/advisories/23731
πŸ”— https://www.exploit-db.com/exploits/3128
πŸ”— http://osvdb.org/32816
πŸ”— http://secunia.com/advisories/23731
πŸ”— https://www.exploit-db.com/exploits/3128

Related Vulnerabilities

CVE-2007-195910.0

Unspecified vulnerability in the process_cmdent function in command.cpp in TinyMUX before 2.4 has unknown impact and attack vector...

CVE-2007-020310.0

Multiple unspecified vulnerabilities in phpMyAdmin before 2.9.2-rc1 have unknown impact and attack vectors.

CVE-2007-049610.0

PHP remote file inclusion vulnerability in lib/nl/nl.php in Neon Labs Website (nlws) 3.2 and earlier allows remote attackers to ex...

CVE-2007-020110.0

Buffer overflow in the cmd_usr function in ftp-gw in TIS Internet Firewall Toolkit (FWTK) allows remote attackers to execute arbit...