CVE-2009-4775

2010-04-2114:30:00

CWE-134

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

6.7

Confidence

High

EPSS

0.021

Percentile

89.3%

JSON

Format string vulnerability in Ipswitch WS_FTP Professional 12 before 12.2 allows remote attackers to cause a denial of service (crash) via format string specifiers in the status code portion of an HTTP response.

Affected configurations

Nvd

Node

ipswitchws_ftpMatch12.0-home

ipswitchws_ftpMatch12.0-pro

ipswitchws_ftpMatch12.0.1-home

ipswitchws_ftpMatch12.0.1-pro

VendorProductVersionCPE
ipswitchws_ftp12.0cpe:2.3:a:ipswitch:ws_ftp:12.0:-:home:*:*:*:*:*
ipswitchws_ftp12.0cpe:2.3:a:ipswitch:ws_ftp:12.0:-:pro:*:*:*:*:*
ipswitchws_ftp12.0.1cpe:2.3:a:ipswitch:ws_ftp:12.0.1:-:home:*:*:*:*:*
ipswitchws_ftp12.0.1cpe:2.3:a:ipswitch:ws_ftp:12.0.1:-:pro:*:*:*:*:*

Vendor	Product	Version	CPE
ipswitch	ws_ftp	12.0	cpe:2.3:a:ipswitch:ws_ftp:12.0:-:home:::::*
ipswitch	ws_ftp	12.0	cpe:2.3:a:ipswitch:ws_ftp:12.0:-:pro:::::*
ipswitch	ws_ftp	12.0.1	cpe:2.3:a:ipswitch:ws_ftp:12.0.1:-:home:::::*
ipswitch	ws_ftp	12.0.1	cpe:2.3:a:ipswitch:ws_ftp:12.0.1:-:pro:::::*