cvelistv5 - cve-2011-5012

CVE-2011-5012 (GCVE-0-2011-5012)

Vulnerability from cvelistv5 – Published: 2011-12-25 01:00 – Updated: 2024-08-07 00:23

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://support.attachmate.com/techdocs/1708.html	x_refsource_CONFIRM
	http://www.exploit-db.com/exploits/18119	exploitx_refsource_EXPLOIT-DB
	http://support.attachmate.com/techdocs/2502.html	x_refsource_CONFIRM
	http://secunia.com/advisories/46879	third-party-advisoryx_refsource_SECUNIA
	http://support.attachmate.com/techdocs/2288.html	x_refsource_CONFIRM
	http://www.osvdb.org/77189	vdb-entryx_refsource_OSVDB
	http://www.securitytracker.com/id?1026340	vdb-entryx_refsource_SECTRACK
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.protekresearchlab.com/index.php?option…	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:23:39.400Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.attachmate.com/techdocs/1708.html"
          },
          {
            "name": "18119",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "http://www.exploit-db.com/exploits/18119"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.attachmate.com/techdocs/2502.html"
          },
          {
            "name": "46879",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46879"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.attachmate.com/techdocs/2288.html"
          },
          {
            "name": "77189",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/77189"
          },
          {
            "name": "1026340",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1026340"
          },
          {
            "name": "attachmate-reflection-list-bo(71330)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71330"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=29\u0026Itemid=29"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-11-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in the Reflection FTP Client (rftpcom.dll 7.2.0.106 and possibly other versions), as used in Attachmate Reflection 2008, Reflection 2011 R1 before 15.3.2.569 and R1 SP1 before, Reflection 2011 R2 before 15.4.1.327, Reflection Windows Client 7.2 SP1 before hotfix 7.2.1186, and Reflection 14.1 SP1 before 14.1.1.206, allows remote FTP servers to execute arbitrary code via a long directory name in a response to a LIST command."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.attachmate.com/techdocs/1708.html"
        },
        {
          "name": "18119",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "http://www.exploit-db.com/exploits/18119"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.attachmate.com/techdocs/2502.html"
        },
        {
          "name": "46879",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46879"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.attachmate.com/techdocs/2288.html"
        },
        {
          "name": "77189",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/77189"
        },
        {
          "name": "1026340",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1026340"
        },
        {
          "name": "attachmate-reflection-list-bo(71330)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71330"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=29\u0026Itemid=29"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-5012",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in the Reflection FTP Client (rftpcom.dll 7.2.0.106 and possibly other versions), as used in Attachmate Reflection 2008, Reflection 2011 R1 before 15.3.2.569 and R1 SP1 before, Reflection 2011 R2 before 15.4.1.327, Reflection Windows Client 7.2 SP1 before hotfix 7.2.1186, and Reflection 14.1 SP1 before 14.1.1.206, allows remote FTP servers to execute arbitrary code via a long directory name in a response to a LIST command."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.attachmate.com/techdocs/1708.html",
              "refsource": "CONFIRM",
              "url": "http://support.attachmate.com/techdocs/1708.html"
            },
            {
              "name": "18119",
              "refsource": "EXPLOIT-DB",
              "url": "http://www.exploit-db.com/exploits/18119"
            },
            {
              "name": "http://support.attachmate.com/techdocs/2502.html",
              "refsource": "CONFIRM",
              "url": "http://support.attachmate.com/techdocs/2502.html"
            },
            {
              "name": "46879",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/46879"
            },
            {
              "name": "http://support.attachmate.com/techdocs/2288.html",
              "refsource": "CONFIRM",
              "url": "http://support.attachmate.com/techdocs/2288.html"
            },
            {
              "name": "77189",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/77189"
            },
            {
              "name": "1026340",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1026340"
            },
            {
              "name": "attachmate-reflection-list-bo(71330)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71330"
            },
            {
              "name": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=29\u0026Itemid=29",
              "refsource": "MISC",
              "url": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=29\u0026Itemid=29"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2011-5012",
    "datePublished": "2011-12-25T01:00:00",
    "dateReserved": "2011-12-24T00:00:00",
    "dateUpdated": "2024-08-07T00:23:39.400Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:attachmate:reflection:7.2:sp1:windows_client:*:*:*:*:*\", \"matchCriteriaId\": \"ECE5D7B6-F9E0-41E4-8DC8-27FAF06C4D32\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:attachmate:reflection:14.1:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"7FB0BF0F-3628-4064-BF1A-804473663F24\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:attachmate:reflection_2008:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"44CA598D-78FA-4B68-AE2D-E952F910F63B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:attachmate:reflection_2008r1:sp1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"28D713CF-F6BA-4445-BABD-C89590DB81AB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:attachmate:reflection_2008r2:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6857E337-F26C-4924-9523-71857EB93BC0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:attachmate:reflection_2011r1:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2221685E-51DE-4BB0-A91C-B8F92FAEA7CA\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Heap-based buffer overflow in the Reflection FTP Client (rftpcom.dll 7.2.0.106 and possibly other versions), as used in Attachmate Reflection 2008, Reflection 2011 R1 before 15.3.2.569 and R1 SP1 before, Reflection 2011 R2 before 15.4.1.327, Reflection Windows Client 7.2 SP1 before hotfix 7.2.1186, and Reflection 14.1 SP1 before 14.1.1.206, allows remote FTP servers to execute arbitrary code via a long directory name in a response to a LIST command.\"}, {\"lang\": \"es\", \"value\": \"Desbordamiento de b\\u00fafer en la regi\\u00f3n heap de la memoria en Reflection FTP Client (la biblioteca rftpcom.dll versi\\u00f3n 7.2.0.106 y posiblemente otras versiones), como es usado en Reflection 2008, Reflection 2011 versi\\u00f3n R1 anterior a 15.3.2.569 y anterior a versi\\u00f3n R1 SP1, Reflection 2011 versi\\u00f3n R2 anterior a 15.4.1.327, Reflection Windows Client versi\\u00f3n 7.2 SP1 anterior a hotfix 7.2.1186, y Reflection versi\\u00f3n 14.1 SP1 anterior a 14.1.1.206 de Attachmate, permite a servidores FTP remotos ejecutar c\\u00f3digo arbitrario por medio de un nombre de directorio largo en una respuesta a un comando LIST.\"}]",
      "id": "CVE-2011-5012",
      "lastModified": "2024-11-21T01:33:25.747",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 10.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2011-12-25T01:55:05.117",
      "references": "[{\"url\": \"http://secunia.com/advisories/46879\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://support.attachmate.com/techdocs/1708.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://support.attachmate.com/techdocs/2288.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://support.attachmate.com/techdocs/2502.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.exploit-db.com/exploits/18119\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.osvdb.org/77189\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=29\u0026Itemid=29\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securitytracker.com/id?1026340\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/71330\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/46879\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://support.attachmate.com/techdocs/1708.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://support.attachmate.com/techdocs/2288.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://support.attachmate.com/techdocs/2502.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.exploit-db.com/exploits/18119\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.osvdb.org/77189\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=29\u0026Itemid=29\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id?1026340\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/71330\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2011-5012\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2011-12-25T01:55:05.117\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Heap-based buffer overflow in the Reflection FTP Client (rftpcom.dll 7.2.0.106 and possibly other versions), as used in Attachmate Reflection 2008, Reflection 2011 R1 before 15.3.2.569 and R1 SP1 before, Reflection 2011 R2 before 15.4.1.327, Reflection Windows Client 7.2 SP1 before hotfix 7.2.1186, and Reflection 14.1 SP1 before 14.1.1.206, allows remote FTP servers to execute arbitrary code via a long directory name in a response to a LIST command.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria en Reflection FTP Client (la biblioteca rftpcom.dll versi\u00f3n 7.2.0.106 y posiblemente otras versiones), como es usado en Reflection 2008, Reflection 2011 versi\u00f3n R1 anterior a 15.3.2.569 y anterior a versi\u00f3n R1 SP1, Reflection 2011 versi\u00f3n R2 anterior a 15.4.1.327, Reflection Windows Client versi\u00f3n 7.2 SP1 anterior a hotfix 7.2.1186, y Reflection versi\u00f3n 14.1 SP1 anterior a 14.1.1.206 de Attachmate, permite a servidores FTP remotos ejecutar c\u00f3digo arbitrario por medio de un nombre de directorio largo en una respuesta a un comando LIST.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:attachmate:reflection:7.2:sp1:windows_client:*:*:*:*:*\",\"matchCriteriaId\":\"ECE5D7B6-F9E0-41E4-8DC8-27FAF06C4D32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:attachmate:reflection:14.1:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FB0BF0F-3628-4064-BF1A-804473663F24\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:attachmate:reflection_2008:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44CA598D-78FA-4B68-AE2D-E952F910F63B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:attachmate:reflection_2008r1:sp1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28D713CF-F6BA-4445-BABD-C89590DB81AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:attachmate:reflection_2008r2:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6857E337-F26C-4924-9523-71857EB93BC0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:attachmate:reflection_2011r1:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2221685E-51DE-4BB0-A91C-B8F92FAEA7CA\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/46879\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://support.attachmate.com/techdocs/1708.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://support.attachmate.com/techdocs/2288.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://support.attachmate.com/techdocs/2502.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.exploit-db.com/exploits/18119\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.osvdb.org/77189\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=29\u0026Itemid=29\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id?1026340\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/71330\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/46879\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://support.attachmate.com/techdocs/1708.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.attachmate.com/techdocs/2288.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.attachmate.com/techdocs/2502.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.exploit-db.com/exploits/18119\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.osvdb.org/77189\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=29\u0026Itemid=29\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1026340\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/71330\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

FKIE_CVE-2011-5012

Vulnerability from fkie_nvd - Published: 2011-12-25 01:55 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/46879	Vendor Advisory
cve@mitre.org	http://support.attachmate.com/techdocs/1708.html
cve@mitre.org	http://support.attachmate.com/techdocs/2288.html
cve@mitre.org	http://support.attachmate.com/techdocs/2502.html
cve@mitre.org	http://www.exploit-db.com/exploits/18119	Exploit
cve@mitre.org	http://www.osvdb.org/77189
cve@mitre.org	http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=29&Itemid=29
cve@mitre.org	http://www.securitytracker.com/id?1026340
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/71330
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/46879	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.attachmate.com/techdocs/1708.html
af854a3a-2127-422b-91ae-364da2661108	http://support.attachmate.com/techdocs/2288.html
af854a3a-2127-422b-91ae-364da2661108	http://support.attachmate.com/techdocs/2502.html
af854a3a-2127-422b-91ae-364da2661108	http://www.exploit-db.com/exploits/18119	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/77189
af854a3a-2127-422b-91ae-364da2661108	http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=29&Itemid=29
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1026340
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/71330

Impacted products

Vendor	Product	Version
attachmate	reflection	7.2
attachmate	reflection	14.1
attachmate	reflection_2008	*
attachmate	reflection_2008r1	sp1
attachmate	reflection_2008r2	*
attachmate	reflection_2011r1	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:attachmate:reflection:7.2:sp1:windows_client:*:*:*:*:*",
              "matchCriteriaId": "ECE5D7B6-F9E0-41E4-8DC8-27FAF06C4D32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:attachmate:reflection:14.1:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "7FB0BF0F-3628-4064-BF1A-804473663F24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:attachmate:reflection_2008:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "44CA598D-78FA-4B68-AE2D-E952F910F63B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:attachmate:reflection_2008r1:sp1:*:*:*:*:*:*:*",
              "matchCriteriaId": "28D713CF-F6BA-4445-BABD-C89590DB81AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:attachmate:reflection_2008r2:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6857E337-F26C-4924-9523-71857EB93BC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:attachmate:reflection_2011r1:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2221685E-51DE-4BB0-A91C-B8F92FAEA7CA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Heap-based buffer overflow in the Reflection FTP Client (rftpcom.dll 7.2.0.106 and possibly other versions), as used in Attachmate Reflection 2008, Reflection 2011 R1 before 15.3.2.569 and R1 SP1 before, Reflection 2011 R2 before 15.4.1.327, Reflection Windows Client 7.2 SP1 before hotfix 7.2.1186, and Reflection 14.1 SP1 before 14.1.1.206, allows remote FTP servers to execute arbitrary code via a long directory name in a response to a LIST command."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria en Reflection FTP Client (la biblioteca rftpcom.dll versi\u00f3n 7.2.0.106 y posiblemente otras versiones), como es usado en Reflection 2008, Reflection 2011 versi\u00f3n R1 anterior a 15.3.2.569 y anterior a versi\u00f3n R1 SP1, Reflection 2011 versi\u00f3n R2 anterior a 15.4.1.327, Reflection Windows Client versi\u00f3n 7.2 SP1 anterior a hotfix 7.2.1186, y Reflection versi\u00f3n 14.1 SP1 anterior a 14.1.1.206 de Attachmate, permite a servidores FTP remotos ejecutar c\u00f3digo arbitrario por medio de un nombre de directorio largo en una respuesta a un comando LIST."
    }
  ],
  "id": "CVE-2011-5012",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2011-12-25T01:55:05.117",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46879"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.attachmate.com/techdocs/1708.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.attachmate.com/techdocs/2288.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.attachmate.com/techdocs/2502.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.exploit-db.com/exploits/18119"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/77189"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=29\u0026Itemid=29"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1026340"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71330"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46879"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.attachmate.com/techdocs/1708.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.attachmate.com/techdocs/2288.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.attachmate.com/techdocs/2502.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.exploit-db.com/exploits/18119"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/77189"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=29\u0026Itemid=29"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1026340"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71330"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2011-5012

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2011-5012

Aliases

CVE-2011-5012

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2011-5012",
    "description": "Heap-based buffer overflow in the Reflection FTP Client (rftpcom.dll 7.2.0.106 and possibly other versions), as used in Attachmate Reflection 2008, Reflection 2011 R1 before 15.3.2.569 and R1 SP1 before, Reflection 2011 R2 before 15.4.1.327, Reflection Windows Client 7.2 SP1 before hotfix 7.2.1186, and Reflection 14.1 SP1 before 14.1.1.206, allows remote FTP servers to execute arbitrary code via a long directory name in a response to a LIST command.",
    "id": "GSD-2011-5012"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2011-5012"
      ],
      "details": "Heap-based buffer overflow in the Reflection FTP Client (rftpcom.dll 7.2.0.106 and possibly other versions), as used in Attachmate Reflection 2008, Reflection 2011 R1 before 15.3.2.569 and R1 SP1 before, Reflection 2011 R2 before 15.4.1.327, Reflection Windows Client 7.2 SP1 before hotfix 7.2.1186, and Reflection 14.1 SP1 before 14.1.1.206, allows remote FTP servers to execute arbitrary code via a long directory name in a response to a LIST command.",
      "id": "GSD-2011-5012",
      "modified": "2023-12-13T01:19:08.953632Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2011-5012",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Heap-based buffer overflow in the Reflection FTP Client (rftpcom.dll 7.2.0.106 and possibly other versions), as used in Attachmate Reflection 2008, Reflection 2011 R1 before 15.3.2.569 and R1 SP1 before, Reflection 2011 R2 before 15.4.1.327, Reflection Windows Client 7.2 SP1 before hotfix 7.2.1186, and Reflection 14.1 SP1 before 14.1.1.206, allows remote FTP servers to execute arbitrary code via a long directory name in a response to a LIST command."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://support.attachmate.com/techdocs/1708.html",
            "refsource": "CONFIRM",
            "url": "http://support.attachmate.com/techdocs/1708.html"
          },
          {
            "name": "18119",
            "refsource": "EXPLOIT-DB",
            "url": "http://www.exploit-db.com/exploits/18119"
          },
          {
            "name": "http://support.attachmate.com/techdocs/2502.html",
            "refsource": "CONFIRM",
            "url": "http://support.attachmate.com/techdocs/2502.html"
          },
          {
            "name": "46879",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/46879"
          },
          {
            "name": "http://support.attachmate.com/techdocs/2288.html",
            "refsource": "CONFIRM",
            "url": "http://support.attachmate.com/techdocs/2288.html"
          },
          {
            "name": "77189",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/77189"
          },
          {
            "name": "1026340",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1026340"
          },
          {
            "name": "attachmate-reflection-list-bo(71330)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71330"
          },
          {
            "name": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=29\u0026Itemid=29",
            "refsource": "MISC",
            "url": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=29\u0026Itemid=29"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:attachmate:reflection_2011r1:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:attachmate:reflection_2008r1:sp1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:attachmate:reflection_2008r2:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:attachmate:reflection:14.1:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:attachmate:reflection:7.2:sp1:windows_client:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:attachmate:reflection_2008:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-5012"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in the Reflection FTP Client (rftpcom.dll 7.2.0.106 and possibly other versions), as used in Attachmate Reflection 2008, Reflection 2011 R1 before 15.3.2.569 and R1 SP1 before, Reflection 2011 R2 before 15.4.1.327, Reflection Windows Client 7.2 SP1 before hotfix 7.2.1186, and Reflection 14.1 SP1 before 14.1.1.206, allows remote FTP servers to execute arbitrary code via a long directory name in a response to a LIST command."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "46879",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/46879"
            },
            {
              "name": "18119",
              "refsource": "EXPLOIT-DB",
              "tags": [
                "Exploit"
              ],
              "url": "http://www.exploit-db.com/exploits/18119"
            },
            {
              "name": "http://support.attachmate.com/techdocs/1708.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.attachmate.com/techdocs/1708.html"
            },
            {
              "name": "77189",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/77189"
            },
            {
              "name": "http://support.attachmate.com/techdocs/2288.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.attachmate.com/techdocs/2288.html"
            },
            {
              "name": "1026340",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1026340"
            },
            {
              "name": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=29\u0026Itemid=29",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=29\u0026Itemid=29"
            },
            {
              "name": "http://support.attachmate.com/techdocs/2502.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.attachmate.com/techdocs/2502.html"
            },
            {
              "name": "attachmate-reflection-list-bo(71330)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71330"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-08-29T01:30Z",
      "publishedDate": "2011-12-25T01:55Z"
    }
  }
}

VAR-201112-0102

Vulnerability from variot - Updated: 2023-12-18 12:31

Heap-based buffer overflow in the Reflection FTP Client (rftpcom.dll 7.2.0.106 and possibly other versions), as used in Attachmate Reflection 2008, Reflection 2011 R1 before 15.3.2.569 and R1 SP1 before, Reflection 2011 R2 before 15.4.1.327, Reflection Windows Client 7.2 SP1 before hotfix 7.2.1186, and Reflection 14.1 SP1 before 14.1.1.206, allows remote FTP servers to execute arbitrary code via a long directory name in a response to a LIST command. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. ----------------------------------------------------------------------

Secunia is hiring!

Find your next job here:

http://secunia.com/company/jobs/

TITLE: Attachmate Reflection FTP Client Response Processing Buffer Overflow Vulnerability

SECUNIA ADVISORY ID: SA46879

VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46879/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46879

RELEASE DATE: 2011-11-17

DISCUSS ADVISORY: http://secunia.com/advisories/46879/#comments

AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

http://secunia.com/advisories/46879/

ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

https://ca.secunia.com/?page=viewadvisory&vuln_id=46879

ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

DESCRIPTION: Protek Research Lab's has discovered a vulnerability in Reflection for Secure IT, which can be exploited by malicious people to compromise a user's system.

Successful exploitation allows execution of arbitrary code, but requires tricking a user into connecting to a malicious server. Other versions may also be affected.

SOLUTION: Do not connect to untrusted FTP servers.

PROVIDED AND/OR DISCOVERED BY: Francis Provencher, Protek Research Lab's

ORIGINAL ADVISORY: http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=29&Itemid=29

OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201112-0102",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "reflection",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "attachmate",
        "version": "7.2"
      },
      {
        "model": "reflection 2008r1",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "attachmate",
        "version": "sp1"
      },
      {
        "model": "reflection",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "attachmate",
        "version": "14.1"
      },
      {
        "model": "reflection 2008r2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "attachmate",
        "version": "*"
      },
      {
        "model": "reflection 2011r1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "attachmate",
        "version": "*"
      },
      {
        "model": "reflection 2008",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "attachmate",
        "version": "*"
      },
      {
        "model": "reflection",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "attachmate",
        "version": "14.1.1.206"
      },
      {
        "model": "reflection",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "attachmate",
        "version": "15.4.1.327"
      },
      {
        "model": "reflection",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "attachmate",
        "version": "2008"
      },
      {
        "model": "reflection",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "attachmate",
        "version": "15.3.2.569"
      },
      {
        "model": "reflection",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "attachmate",
        "version": "7.2 sp1"
      },
      {
        "model": "reflection",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "attachmate",
        "version": "14.1 sp1"
      },
      {
        "model": "reflection",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "attachmate",
        "version": "2011 r1"
      },
      {
        "model": "reflection",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "attachmate",
        "version": "2011 r2"
      },
      {
        "model": "reflection",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "attachmate",
        "version": "2011 r1 sp1"
      },
      {
        "model": "reflection",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "attachmate",
        "version": "windows client hotfix 7.2.1186"
      },
      {
        "model": "reflection",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "attachmate",
        "version": "14.0"
      },
      {
        "model": "reflection 2011r1",
        "scope": null,
        "trust": 0.6,
        "vendor": "attachmate",
        "version": null
      },
      {
        "model": "reflection 2008r2",
        "scope": null,
        "trust": 0.6,
        "vendor": "attachmate",
        "version": null
      },
      {
        "model": "reflection 2008",
        "scope": null,
        "trust": 0.6,
        "vendor": "attachmate",
        "version": null
      },
      {
        "model": "reflection ftp client",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "attachmate",
        "version": "14.0.5"
      },
      {
        "model": "reflection ftp client",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "attachmate",
        "version": "12.0"
      },
      {
        "model": "reflection ftp client",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "attachmate",
        "version": "10"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2011-5588"
      },
      {
        "db": "BID",
        "id": "50691"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003535"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-5012"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201112-452"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:attachmate:reflection_2011r1:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:attachmate:reflection_2008r1:sp1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:attachmate:reflection_2008r2:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:attachmate:reflection:14.1:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:attachmate:reflection:7.2:sp1:windows_client:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:attachmate:reflection_2008:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2011-5012"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Provencher",
    "sources": [
      {
        "db": "BID",
        "id": "50691"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201111-308"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2011-5012",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 10.0,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2011-5012",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2011-5588",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2011-5012",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2011-5588",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201112-452",
            "trust": 0.6,
            "value": "CRITICAL"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2011-5588"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003535"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-5012"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201112-452"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Heap-based buffer overflow in the Reflection FTP Client (rftpcom.dll 7.2.0.106 and possibly other versions), as used in Attachmate Reflection 2008, Reflection 2011 R1 before 15.3.2.569 and R1 SP1 before, Reflection 2011 R2 before 15.4.1.327, Reflection Windows Client 7.2 SP1 before hotfix 7.2.1186, and Reflection 14.1 SP1 before 14.1.1.206, allows remote FTP servers to execute arbitrary code via a long directory name in a response to a LIST command. \nAn attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. ----------------------------------------------------------------------\n\nSecunia is hiring!\n\nFind your next job here:\n\nhttp://secunia.com/company/jobs/\n\n----------------------------------------------------------------------\n\nTITLE:\nAttachmate Reflection FTP Client Response Processing Buffer Overflow\nVulnerability\n\nSECUNIA ADVISORY ID:\nSA46879\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/46879/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=46879\n\nRELEASE DATE:\n2011-11-17\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/46879/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/46879/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=46879\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nProtek Research Lab\u0027s has discovered a vulnerability in Reflection\nfor Secure IT, which can be exploited by malicious people to\ncompromise a user\u0027s system. \n\nSuccessful exploitation allows execution of arbitrary code, but\nrequires tricking a user into connecting to a malicious server. Other versions may also be affected. \n\nSOLUTION:\nDo not connect to untrusted FTP servers. \n\nPROVIDED AND/OR DISCOVERED BY:\nFrancis Provencher, Protek Research Lab\u0027s\n\nORIGINAL ADVISORY:\nhttp://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=29\u0026Itemid=29\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2011-5012"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003535"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5588"
      },
      {
        "db": "BID",
        "id": "50691"
      },
      {
        "db": "PACKETSTORM",
        "id": "107104"
      }
    ],
    "trust": 2.52
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2011-5012",
        "trust": 3.3
      },
      {
        "db": "SECUNIA",
        "id": "46879",
        "trust": 2.3
      },
      {
        "db": "OSVDB",
        "id": "77189",
        "trust": 1.6
      },
      {
        "db": "EXPLOIT-DB",
        "id": "18119",
        "trust": 1.6
      },
      {
        "db": "SECTRACK",
        "id": "1026340",
        "trust": 1.6
      },
      {
        "db": "BID",
        "id": "50691",
        "trust": 0.9
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003535",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5588",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201111-308",
        "trust": 0.6
      },
      {
        "db": "XF",
        "id": "71330",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201112-452",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "107104",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2011-5588"
      },
      {
        "db": "BID",
        "id": "50691"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003535"
      },
      {
        "db": "PACKETSTORM",
        "id": "107104"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-5012"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201111-308"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201112-452"
      }
    ]
  },
  "id": "VAR-201112-0102",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2011-5588"
      }
    ],
    "trust": 0.06
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2011-5588"
      }
    ]
  },
  "last_update_date": "2023-12-18T12:31:19.490000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "2502",
        "trust": 0.8,
        "url": "http://support.attachmate.com/techdocs/2502.html"
      },
      {
        "title": "2288",
        "trust": 0.8,
        "url": "http://support.attachmate.com/techdocs/2288.html"
      },
      {
        "title": "1708",
        "trust": 0.8,
        "url": "http://support.attachmate.com/techdocs/1708.html"
      },
      {
        "title": "Reflection FTP Client Buffer Overflow Vulnerability Patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/37425"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2011-5588"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003535"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003535"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-5012"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.2,
        "url": "http://secunia.com/advisories/46879"
      },
      {
        "trust": 1.7,
        "url": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=29\u0026itemid=29"
      },
      {
        "trust": 1.6,
        "url": "http://support.attachmate.com/techdocs/1708.html"
      },
      {
        "trust": 1.6,
        "url": "http://support.attachmate.com/techdocs/2288.html"
      },
      {
        "trust": 1.6,
        "url": "http://support.attachmate.com/techdocs/2502.html"
      },
      {
        "trust": 1.6,
        "url": "http://www.exploit-db.com/exploits/18119"
      },
      {
        "trust": 1.6,
        "url": "http://www.osvdb.org/77189"
      },
      {
        "trust": 1.6,
        "url": "http://www.securitytracker.com/id?1026340"
      },
      {
        "trust": 1.0,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71330"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-5012"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-5012"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/50691"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/71330"
      },
      {
        "trust": 0.3,
        "url": "http://www.attachmate.com/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/company/jobs/"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=46879"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_intelligence/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/46879/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/personal/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/46879/#comments"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2011-5588"
      },
      {
        "db": "BID",
        "id": "50691"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003535"
      },
      {
        "db": "PACKETSTORM",
        "id": "107104"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-5012"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201111-308"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201112-452"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2011-5588"
      },
      {
        "db": "BID",
        "id": "50691"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003535"
      },
      {
        "db": "PACKETSTORM",
        "id": "107104"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-5012"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201111-308"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201112-452"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2011-12-26T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-5588"
      },
      {
        "date": "2011-11-16T00:00:00",
        "db": "BID",
        "id": "50691"
      },
      {
        "date": "2011-12-28T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2011-003535"
      },
      {
        "date": "2011-11-18T08:26:51",
        "db": "PACKETSTORM",
        "id": "107104"
      },
      {
        "date": "2011-12-25T01:55:05.117000",
        "db": "NVD",
        "id": "CVE-2011-5012"
      },
      {
        "date": "1900-01-01T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201111-308"
      },
      {
        "date": "2011-12-26T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201112-452"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2011-12-26T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-5588"
      },
      {
        "date": "2012-01-03T22:00:00",
        "db": "BID",
        "id": "50691"
      },
      {
        "date": "2011-12-28T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2011-003535"
      },
      {
        "date": "2017-08-29T01:30:38.757000",
        "db": "NVD",
        "id": "CVE-2011-5012"
      },
      {
        "date": "2011-11-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201111-308"
      },
      {
        "date": "2011-12-26T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201112-452"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201111-308"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201112-452"
      }
    ],
    "trust": 1.2
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Reflection FTP Client Buffer Overflow Vulnerability",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2011-5588"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201112-452"
      }
    ],
    "trust": 1.2
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer overflow",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201111-308"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201112-452"
      }
    ],
    "trust": 1.2
  }
}

GHSA-RJ92-74HP-V94J

Vulnerability from github – Published: 2022-05-17 01:51 – Updated: 2022-05-17 01:51

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2011-5012"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2011-12-25T01:55:00Z",
    "severity": "HIGH"
  },
  "details": "Heap-based buffer overflow in the Reflection FTP Client (rftpcom.dll 7.2.0.106 and possibly other versions), as used in Attachmate Reflection 2008, Reflection 2011 R1 before 15.3.2.569 and R1 SP1 before, Reflection 2011 R2 before 15.4.1.327, Reflection Windows Client 7.2 SP1 before hotfix 7.2.1186, and Reflection 14.1 SP1 before 14.1.1.206, allows remote FTP servers to execute arbitrary code via a long directory name in a response to a LIST command.",
  "id": "GHSA-rj92-74hp-v94j",
  "modified": "2022-05-17T01:51:15Z",
  "published": "2022-05-17T01:51:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-5012"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71330"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/46879"
    },
    {
      "type": "WEB",
      "url": "http://support.attachmate.com/techdocs/1708.html"
    },
    {
      "type": "WEB",
      "url": "http://support.attachmate.com/techdocs/2288.html"
    },
    {
      "type": "WEB",
      "url": "http://support.attachmate.com/techdocs/2502.html"
    },
    {
      "type": "WEB",
      "url": "http://www.exploit-db.com/exploits/18119"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/77189"
    },
    {
      "type": "WEB",
      "url": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=29\u0026Itemid=29"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1026340"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2011-5012 (GCVE-0-2011-5012)

FKIE_CVE-2011-5012

GSD-2011-5012

VAR-201112-0102

GHSA-RJ92-74HP-V94J

Tags

Sightings

Nomenclature