CVE-2013-4852
NONE EPSS 87.5%
Published: Aug 19, 2013
Last Modified: Jun 16, 2026
Description
Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service (crash) and possibly execute arbitrary code in certain applications that use PuTTY via a negative size value in an RSA key signature during the SSH handshake, which triggers a heap-based buffer overflow.
Threat Intelligence
EPSS Exploit Probability
87.5% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-189
Affected Products 57
| Vendor | Product | Version | Range |
|---|---|---|---|
| winscp | winscp | * | ≤5.1.5 |
| winscp | winscp | 3.7.6 | any |
| winscp | winscp | 3.8.2 | any |
| winscp | winscp | 3.8_beta | any |
| winscp | winscp | 4.0.4 | any |
| winscp | winscp | 4.0.5 | any |
| winscp | winscp | 4.2.6 | any |
| winscp | winscp | 4.2.7 | any |
| winscp | winscp | 4.2.8 | any |
| winscp | winscp | 4.2.9 | any |
| winscp | winscp | 4.3.2 | any |
| winscp | winscp | 4.3.4 | any |
| winscp | winscp | 4.3.5 | any |
| winscp | winscp | 4.3.6 | any |
| winscp | winscp | 4.3.7 | any |
| winscp | winscp | 4.3.8 | any |
| winscp | winscp | 4.3.9 | any |
| winscp | winscp | 4.4.0 | any |
| winscp | winscp | 5.0 | any |
| winscp | winscp | 5.0.1 | any |
| winscp | winscp | 5.0.2 | any |
| winscp | winscp | 5.0.3 | any |
| winscp | winscp | 5.0.4 | any |
| winscp | winscp | 5.0.5 | any |
| winscp | winscp | 5.0.6 | any |
| winscp | winscp | 5.0.7 | any |
| winscp | winscp | 5.0.8 | any |
| winscp | winscp | 5.0.9 | any |
| winscp | winscp | 5.1 | any |
| winscp | winscp | 5.1.1 | any |
| winscp | winscp | 5.1.2 | any |
| winscp | winscp | 5.1.3 | any |
| winscp | winscp | 5.1.4 | any |
| debian | debian_linux | 6.0 | any |
| debian | debian_linux | 7.0 | any |
| debian | debian_linux | 7.1 | any |
| opensuse | opensuse | 12.3 | any |
| putty | putty | 0.45 | any |
| putty | putty | 0.46 | any |
| putty | putty | 0.47 | any |
| putty | putty | 0.48 | any |
| putty | putty | 0.49 | any |
| putty | putty | 0.50 | any |
| putty | putty | 0.51 | any |
| putty | putty | 0.52 | any |
| putty | putty | 0.53b | any |
| putty | putty | 0.54 | any |
| putty | putty | 0.55 | any |
| putty | putty | 0.56 | any |
| putty | putty | 0.57 | any |
| putty | putty | 0.58 | any |
| putty | putty | 0.59 | any |
| putty | putty | 0.60 | any |
| putty | putty | 0.61 | any |
| putty | putty | 2010-06-01 | any |
| simon_tatham | putty | * | ≤0.62 |
| simon_tatham | putty | 0.53 | any |
References 11
- bugs.debian.org http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718779
- lists.opensuse.org http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-updates/2013-08/msg00041.html
- secunia.com http://secunia.com/advisories/54379
- secunia.com http://secunia.com/advisories/54517
- secunia.com http://secunia.com/advisories/54533
- svn.tartarus.org http://svn.tartarus.org/sgt?view=revision&sortby=date&revision=9896
- winscp.net http://winscp.net/tracker/show_bug.cgi?id=1017
- chiark.greenend.org.uk http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-signature-stringlen.html
- debian.org http://www.debian.org/security/2013/dsa-2736
- search-lab.hu http://www.search-lab.hu/advisories/secadv-20130722
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.