Untrusted search path vulnerability in FFFTP before 1.98d allows local users to gain privileges via a Trojan horse executable file in a directory that is accessed for reading an extensionless file, as demonstrated by executing the README.exe file when a user attempts to access the README file, a different vulnerability than CVE-2011-3991.
Max CVSS
9.3
EPSS Score
0.07%
Published
2011-12-13
Updated
2012-02-21
Untrusted search path vulnerability in FFFTP 1.98a and earlier allows local users to execute arbitrary code via unspecified functions.
Max CVSS
9.3
EPSS Score
0.13%
Published
2011-11-04
Updated
2017-08-29
2 vulnerabilities found