CVE-2007-0317

Q: What is the severity of CVE-2007-0317?

CVE-2007-0317 has a high severity level due to its potential to cause application crashes and allow arbitrary code execution.

Q: How do I fix CVE-2007-0317?

To mitigate CVE-2007-0317, upgrade FileZilla to version 3.0.0-beta5 or later.

Q: What types of attacks can exploit CVE-2007-0317?

CVE-2007-0317 can be exploited through crafted arguments passed to the LogMessage function, leading to denial of service or remote code execution.

Q: Which versions of FileZilla are affected by CVE-2007-0317?

FileZilla versions up to and including 3.0.0-beta4 are affected by CVE-2007-0317.

Q: Is CVE-2007-0317 a local or remote vulnerability?

CVE-2007-0317 is a remote vulnerability that allows attackers to exploit the application over the network.

Published Jan 18, 2007

Updated

Format string vulnerability in the LogMessage function in FileZilla before 3.0.0-beta5 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted arguments. NOTE: some of these details are obtained from third party information.

Affected Software

3 affected components

FileZilla FileZilla<=3.0.0_beta4

FileZilla FileZilla=3.0.0_beta1

FileZilla FileZilla=3.0.0_beta2

Remediation

Patch Available

http://sourceforge.net/project/shownotes.php?release_id=477793&group_id=21558

Patch Available

http://www.securityfocus.com/bid/22063

Event History

Jan 18, 2007

CVE Published

12:28 AM

CVE Published

via MITRE·05:00 AM

Data Sourced

via MITRE·05:00 AM

Description

Frequently Asked Questions

What is the severity of CVE-2007-0317?

CVE-2007-0317 has a high severity level due to its potential to cause application crashes and allow arbitrary code execution.

How do I fix CVE-2007-0317?

To mitigate CVE-2007-0317, upgrade FileZilla to version 3.0.0-beta5 or later.

What types of attacks can exploit CVE-2007-0317?

CVE-2007-0317 can be exploited through crafted arguments passed to the LogMessage function, leading to denial of service or remote code execution.

Which versions of FileZilla are affected by CVE-2007-0317?

FileZilla versions up to and including 3.0.0-beta4 are affected by CVE-2007-0317.

Is CVE-2007-0317 a local or remote vulnerability?

CVE-2007-0317 is a remote vulnerability that allows attackers to exploit the application over the network.

CVSS Score

7.5High

High Severity

AV:N/AC:L/Au:N/C:P/I:P/A:P

Security Metrics

Risk Score52

Severityhigh(7.5)

CWE

NVD-CWE-Other

Timeline

PublishedJan 18, 2007

Updated

References

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

CVE-2007-0317

Affected Software

Remediation

Patch Available

Patch Available

Event History

Don't miss critical vulnerabilities

Frequently Asked Questions

What is the severity of CVE-2007-0317?

How do I fix CVE-2007-0317?

What types of attacks can exploit CVE-2007-0317?

Which versions of FileZilla are affected by CVE-2007-0317?

Is CVE-2007-0317 a local or remote vulnerability?

Company

Resources

Contact