CVE-2011-4130

NONE EPSS 95.8%
Published Dec 6, 201114y ago · Modified Jun 16, 20262w ago
Find Similar
Published Dec 6, 2011 14y ago
Last Modified Jun 16, 2026 2w ago

Description

Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer.

Threat Intelligence

EPSS Exploit Probability
95.8% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Weaknesses 1

CWE-399

Affected Products 62

VendorProductVersionRange
proftpdproftpd* ≤1.3.3
proftpdproftpd1.2.0any
proftpdproftpd1.2.0any
proftpdproftpd1.2.0any
proftpdproftpd1.2.0any
proftpdproftpd1.2.0any
proftpdproftpd1.2.0any
proftpdproftpd1.2.1any
proftpdproftpd1.2.2any
proftpdproftpd1.2.2any
proftpdproftpd1.2.2any
proftpdproftpd1.2.2any
proftpdproftpd1.2.3any
proftpdproftpd1.2.4any
proftpdproftpd1.2.5any
proftpdproftpd1.2.5any
proftpdproftpd1.2.5any
proftpdproftpd1.2.5any
proftpdproftpd1.2.6any
proftpdproftpd1.2.6any
proftpdproftpd1.2.6any
proftpdproftpd1.2.7any
proftpdproftpd1.2.7any
proftpdproftpd1.2.7any
proftpdproftpd1.2.7any
proftpdproftpd1.2.8any
proftpdproftpd1.2.8any
proftpdproftpd1.2.8any
proftpdproftpd1.2.9any
proftpdproftpd1.2.9any
proftpdproftpd1.2.9any
proftpdproftpd1.2.9any
proftpdproftpd1.2.10any
proftpdproftpd1.2.10any
proftpdproftpd1.2.10any
proftpdproftpd1.2.10any
proftpdproftpd1.3.0any
proftpdproftpd1.3.0any
proftpdproftpd1.3.0any
proftpdproftpd1.3.0any
proftpdproftpd1.3.0any
proftpdproftpd1.3.0any
proftpdproftpd1.3.0any
proftpdproftpd1.3.1any
proftpdproftpd1.3.1any
proftpdproftpd1.3.1any
proftpdproftpd1.3.1any
proftpdproftpd1.3.2any
proftpdproftpd1.3.2any
proftpdproftpd1.3.2any
proftpdproftpd1.3.2any
proftpdproftpd1.3.2any
proftpdproftpd1.3.3any
proftpdproftpd1.3.3any
proftpdproftpd1.3.3any
proftpdproftpd1.3.3any
proftpdproftpd1.3.3any
proftpdproftpd1.3.3any
proftpdproftpd1.3.3any
proftpdproftpd1.3.3any
proftpdproftpd1.3.3any
proftpdproftpd1.3.3any

References 4

Remediation