Untrusted Search Path Vulnerability in FFFTP before 1.98d Allows Privilege Escalation

Untrusted Search Path Vulnerability in FFFTP before 1.98d Allows Privilege Escalation

CVE-2011-4266 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

Untrusted search path vulnerability in FFFTP before 1.98d allows local users to gain privileges via a Trojan horse executable file in a directory that is accessed for reading an extensionless file, as demonstrated by executing the README.exe file when a user attempts to access the README file, a different vulnerability than CVE-2011-3991.

Learn more about our User Device Pen Test.