Arbitrary Code Execution via Stack-Based Buffer Overflow in SR10 FTP Server

Arbitrary Code Execution via Stack-Based Buffer Overflow in SR10 FTP Server

CVE-2012-5002 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Stack-based buffer overflow in SR10 FTP server (SR10.exe) 1.1.0.6 in Ricoh DC Software DL-10 4.5.0.1, when the Log file name option is enabled, allows remote attackers to execute arbitrary code via a long USER FTP command.

Learn more about our Cis Benchmark Audit For Server Software.