CVEブラウザに戻る

CVE-2008-5175

CRITICAL

9.3

CVSS Severity Score

EPSS Score0.0850%

EPSS Percentile23.96th

Published2008年11月19日

Last Modified2026年4月23日

Vulnerability Description

Directory traversal vulnerability in the FTP client in AceFTP Freeware 3.80.3 and AceFTP Pro 3.80.3 allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a response to a LIST command, a related issue to CVE-2002-1345.

Affected Platforms (CPE)

📦

Visicommedia

Aceftp

= 3.80.3

📦

Visicommedia

Aceftp

= 3.80.3

References & Advisories

🔗 http://secunia.com/advisories/30792

🔗 http://vuln.sg/aceftp3803-en.html

🔗 http://www.securityfocus.com/bid/29989

🔗 http://www.vupen.com/english/advisories/2008/1954/references

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/43400

🔗 http://secunia.com/advisories/30792

🔗 http://vuln.sg/aceftp3803-en.html

🔗 http://www.securityfocus.com/bid/29989

関連する脆弱性情報

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Mes...

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust...

Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc all...

CVE-2026-487237.8

The browserstack-cypress-cli is BrowserStack's CLI which allows users to run Cypress tests on BrowserStack. Versions prior to 1.36...