FlashFXP < 220.127.116.110 ListIndex TListBox Handling Remote Overflow
High Nessus Plugin ID 60111
SynopsisThe remote host has an FTP client that is affected by a buffer overflow vulnerability.
DescriptionThe remote host is running a version of FlashFXP prior to 18.104.22.1680. It therefore is reportedly has a buffer overflow vulnerability involving the TListbox and TComboBox VCL components.
To exploit the vulnerability remotely, an attacker would need to know the included filters of the connected client to send large strings.
Successful exploitation would allow an attacker to execute arbitrary code within the context of the affected application.
SolutionUpgrade to FlashFXP 4.2.0 (22.214.171.1240) or later.