CVE-2004-1118

critical

Description

Buffer overflow in the WodFtpDLX.ocx (WeOnlyDo!) ActiveX component before 2.3.2.97, as used by CoffeeCup Direct FTP 6.2.0.62 and CoffeeCup Free FTP 3.0.0.10, and possibly other applications, allows remote attackers to execute arbitrary code via a long filename.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/18190

http://marc.info/?l=bugtraq&m=110114233323417&w=2

http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029244.html

http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029243.html

Details

Source: Mitre, NVD

Published: 2005-01-10

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.12573