Vulnerability Details: CVE-2006-3015
Argument injection vulnerability in WinSCP 3.8.1 build 328 allows remote attackers to upload or download arbitrary files via encoded spaces and double-quote characters in an scp or sftp URI.
Products affected by CVE-2006-3015
- cpe:2.3:a:winscp:winscp:3.8.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2006-3015
- EPSS score: 11.95% (probability of exploitation activity in the next 30 days)
- Percentile: ~95% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2006-3015
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.1 | HIGH | AV:N/AC:H/Au:N/C:C/I:C/A:N | 4.9 | 9.2 | NIST | |
CWE ids for CVE-2006-3015
- The product constructs a string for a command to be executed by a separate component in another control sphere, but it does not properly delimit the intended arguments, options, or switches within that command string. Assigned by: nvd@nist.gov (Primary)
- The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. Assigned by: nvd@nist.gov (Primary)
References for CVE-2006-3015
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27075
  WinSCP scp:// and sftp:// URI handler command execution CVE-2006-3015 Vulnerability Report (Third Party Advisory; VDB Entry)
- http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046810.html
  [Full-Disclosure] Mailing List Charter (Broken Link; Exploit)
- http://www.kb.cert.org/vuls/id/912588
  VU#912588 - WinSCP URI handlers fails to properly parse command line switches (Third Party Advisory; US Government Resource)
- http://www.securityfocus.com/bid/18384
  (Broken Link; Exploit; Third Party Advisory; VDB Entry)
- http://winscp.net/eng/docs/history#3.8.2
  Recent Version History :: WinSCP (Release Notes)
- http://archives.neohapsis.com/archives/fulldisclosure/2006-06/0196.html
  (Broken Link)
- http://secunia.com/advisories/20575
  About Secunia Research | Flexera (Broken Link; Vendor Advisory)
- http://www.vupen.com/english/advisories/2006/2289
  Webmail: access your OVH emails on ovhcloud.com | OVHcloud (Broken Link)