Vulnerability CVE-2007-4909

Vulnerability CVE-2007-4909

Published: 2007-09-17 Modified: 2012-02-12

Description:

	Topic	Author	Date
Med.	WinSCP < 4.04 url protocol handler flaw	Kender Security ...	19.09.2007

Type:

(Permissions, Privileges, and Access Controls)

CVSS Base Score	Impact Subscore	Exploitability Subscore
9.3/10	10/10	8.6/10

Affected software
Winscp -> Winscp

http://securityreason.com/securityalert/3141

http://winscp.cvs.sourceforge.net/winscp/winscp3/core/SessionData.cpp?r1=1.29&r2=1.30

http://winscp.net/eng/docs/history/

http://www.securityfocus.com/archive/1/479298/100/0/threaded

http://www.securityfocus.com/bid/25655

http://www.securitytracker.com/id?1018697

https://exchange.xforce.ibmcloud.com/vulnerabilities/36591