Putty : Security Vulnerabilities, CVEs, Published In 2005 (Code Execution)
Multiple integer overflows in the (1) sftp_pkt_getstring and (2) fxp_readdir_recv functions in the PSFTP and PSCP clients for PuTTY 0.56, and possibly earlier versions, allow remote malicious web sites to execute arbitrary code via SFTP responses that corrupt the heap after insufficient memory has been allocated.
Max CVSS
7.5
EPSS Score
1.35%
Published
2005-02-21
Updated
2017-07-11
Integer signedness error in the ssh2_rdpkt function in PuTTY before 0.56 allows remote attackers to execute arbitrary code via a SSH2_MSG_DEBUG packet with a modified stringlen parameter, which leads to a buffer overflow.
Max CVSS
10.0
EPSS Score
12.09%
Published
2005-01-10
Updated
2017-07-11
2 vulnerabilities found