CVE-2010-20007 (CNNVD-202508-2545)
中文标题:
Seagull FTP Client 安全漏洞
英文标题:
Seagull FTP v3.3 Build 409 Stack Buffer Overflow
漏洞描述
中文描述:
Seagull FTP Client是美国Seagull公司的一个FTP客户端软件。 Seagull FTP Client v3.3 Build 409及之前版本存在安全漏洞,该漏洞源于FTP目录列表解析器未验证文件名长度,可能导致栈缓冲区溢出和执行任意代码。
英文描述:
Seagull FTP Client <= v3.3 Build 409 contains a stack-based buffer overflow vulnerability in its FTP directory listing parser. When the client connects to an FTP server and receives a crafted response to a LIST command containing an excessively long filename, the application fails to properly validate input length, resulting in a buffer overflow that overwrites the Structured Exception Handler (SEH). This may allow remote attackers to execute arbitrary code on the client system. This product line was discontinued and users were advised to use BlueZone Secure FTP instead, at the time of disclosure.
CWE类型:
标签:
受影响产品
| 厂商 | 产品 | 版本 | 版本范围 | 平台 | CPE |
|---|---|---|---|---|---|
| Rocket Software | Seagull FTP Client | - | ≤ 3.3 Build 409 | - |
cpe:2.3:a:rocket_software:seagull_ftp_client:*:*:*:*:*:*:*:*
|
解决方案
中文解决方案:
英文解决方案:
临时解决方案:
CVSS评分详情
4.0 (cna)
HIGHCVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
时间信息
利用信息
数据源详情
| 数据源 | 记录ID | 版本 | 提取时间 |
|---|---|---|---|
| CVE | cve_CVE-2010-20007 |
2025-11-11 15:18:16 | 2025-11-11 07:33:08 |
| NVD | nvd_CVE-2010-20007 |
2025-11-11 14:53:29 | 2025-11-11 07:41:56 |
| CNNVD | cnnvd_CNNVD-202508-2545 |
2025-11-11 15:12:54 | 2025-11-11 08:00:06 |
版本与语言
安全公告
变更历史
查看详细变更
- vulnerability_type: 未提取 -> 其他
- cnnvd_id: 未提取 -> CNNVD-202508-2545
- data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
查看详细变更
- data_sources: ['cve'] -> ['cve', 'nvd']