FlashFXP Multiple Buffer Overflow Vulnerabilities Network Vulnerability

Summary

This host is installed with FlashFXP and is prone to multiple buffer overflow vulnerabilities.

Impact

Successful exploitation allows an attackers to overflow a buffer and execute arbitrary code on the system or cause the application to crash. Impact Level: System/Application

Solution

Upgrade to FlashFXP verison 4.2 or later For updates refer to http://www.flashfxp.com/download

Insight

The flaw is due to improper bounds checking by the TListbox or TComboBox.

Affected

FlashFXP verison 4.1.8.1701

References

http://seclists.org/fulldisclosure/2012/Mar/7
http://www.exploit-db.com/exploits/18555/
http://www.flashfxp.com/forum/flashfxp/news/15473-flashfxp-4-2-released.html#post81101
http://www.osvdb.org/79767
http://xforce.iss.net/xforce/xfdb/73626

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-4992

CVSS	Base Score: 9.0 AV:N/AC:L/Au:S/C:C/I:C/A:C

Related Vulnerabilities

Adobe Reader 'Plug-in' Buffer Overflow Vulnerability (Mac OS X)
Blazevideo HDTV Player PLF File Buffer Overflow Vulnerability
Adobe Air Buffer Overflow Vulnerability (Mac OS X)
BSPlayer Stack Overflow Vulnerability BLS
Adobe Reader Integer Overflow Vulnerability - Jan 12 (Linux)

Take action and discover your vulnerabilities