New Search

FTP Download Destination Tampering Vulnerability (Server 2003)

oval:org.mitre.oval:def:1284

The FTP client in Windows XP SP1 and Server 2003 and Internet Explorer 6 SP1 on Windows 2000 SP4 when "Enable Folder View for FTP Sites" is enabled and the user manually initiates a file transfer allows user-assisted remote FTP servers to overwrite files in arbitrary locations via crafted filenames.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows Server 2003
Class:
vulnerability
Reference(s):
  • CVE-2005-2126
Product(s):