CVE-2007-0317

Description

Format string vulnerability in the LogMessage function in FileZilla before 3.0.0-beta5 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted arguments. NOTE: some of these details are obtained from third party information.

How to fix CVE-2007-0317

To remediate CVE-2007-0317, upgrade the affected package to a fixed version below.

• Debian/filezilla—upgrade to 3.0.0~beta2-3 or later

Is CVE-2007-0317 being exploited?

Low — EPSS is 2.0%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

• from 0, < 3.0.0~beta2-3

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2007-0317