CyberSec.Space Logo
CVEブラウザに戻る

CVE-2007-0338

HIGH
7.5
CVSS Severity Score
EPSS Score0.1630%
EPSS Percentile2.96th
Published2007年1月18日
Last Modified2026年4月23日

Vulnerability Description

Heap-based buffer overflow in Dream FTP Server allows remote attackers to execute arbitrary code via a USER command with a large number of format string specifiers, which triggers the overflow during processing of the Server Log.

Affected Platforms (CPE)

📦
Bolintech

Dreamftp Server

All versions

References & Advisories

🔗 http://osvdb.org/32816
🔗 http://secunia.com/advisories/23731
🔗 https://www.exploit-db.com/exploits/3128
🔗 http://osvdb.org/32816
🔗 http://secunia.com/advisories/23731
🔗 https://www.exploit-db.com/exploits/3128

関連する脆弱性情報

CVE-2007-098010.0

Unspecified vulnerability in HP Serviceguard for Linux; packaged for SuSE SLES8 and United Linux 1.0 before SG A.11.15.07, SuSE SL...

CVE-2007-100610.0

Multiple format string vulnerabilities in the gm_main_window_flash_message function in Ekiga before 2.0.5 allow attackers to cause...

CVE-2007-095410.0

MOHA Chat 0.1b7 and earlier does not require authentication for use of the plug in API, which has unknown impact and attack vector...

CVE-2007-100710.0

Format string vulnerability in GnomeMeeting 1.0.2 and earlier allows remote attackers to cause a denial of service (crash) and pos...