RSS   Vulnerabilities for 'Alpass'   RSS

2007-08-27
 
CVE-2007-4550

CWE-134
 

 
Format string vulnerability in ALPass 2.7 English and 3.02 Korean might allow user-assisted remote attackers to execute arbitrary code via format string specifiers in an fnm field in a folder-name record in an ALPASS DB (APW) file.

 
 
CVE-2007-4549

CWE-119
 

 
Multiple buffer overflows in ALPass 2.7 English and 3.02 Korean allow user-assisted remote attackers to execute arbitrary code via an ALPass DB (APW) file containing (1) a long file-key or (2) a "Site Information and Folder entry" with a ciphertext_length value much larger than the plaintext_length value.

 

 >>> Vendor: Altools 2 Products
Alftp ftp server
Alpass


Copyright 2017, cxsecurity.com