CVE-2001-1103

HIGH

7.5

CVSS Severity Score

EPSS Score0.1880%

EPSS Percentile40.04th

PublishedMar 3, 2001

Last ModifiedApr 16, 2026

Vulnerability Description

FTP Voyager ActiveX control before 8.0, when it is marked as safe for scripting (the default) or if allowed by the IObjectSafety interface, allows remote attackers to execute arbitrary commands.

Affected Platforms (CPE)

📦

Rhinosoft

Ftp Voyager

<= 8.0

References & Advisories

🔗 http://www.kb.cert.org/vuls/id/320944

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/7119

🔗 http://www.kb.cert.org/vuls/id/320944

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/7119

Related Vulnerabilities

CVE-2010-41549.3

Directory traversal vulnerability in Rhino Software, Inc. FTP Voyager 15.2.0.11, and possibly earlier, allows remote FTP servers t...

CVE-2017-68038.8

Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface in the Scheduler in SolarWinds (formerly Serv-U) F...

CVE-2007-10797.8

Stack-based buffer overflow in Rhino Software, Inc. FTP Voyager 14.0.0.3 and earlier allows remote servers to cause a denial of se...

CVE-2018-252526.2

FTP Voyager 16.2.0 contains a denial of service vulnerability that allows local attackers to crash the application by injecting ov...