CVE-2008-1724

Severity CVSS v4.0:
Pending analysis
Type:
CWE-119 Buffer Errors
Publication date:
11/04/2008
Last modified:
09/04/2025

Description

Stack-based buffer overflow in the IActiveXTransfer.FileTransfer method in the SecureTransport FileTransfer ActiveX control in vcst_en.dll 1.0.0.5 in Tumbleweed SecureTransport Server before 4.6.1 Hotfix 20 allows remote attackers to execute arbitrary code via a long remoteFile parameter.

Vulnerable products and versions

CPE From Up to
cpe:2.3:h:tumbleweed:securetransport_server:*:*:*:*:*:*:*:* 4.6.1 (including)
cpe:2.3:a:tumbleweed:securetransport_server_app:*:*:*:*:*:*:*:* 4.6.1 (including)