CVE-2013-4852

NONE EPSS 87.5%
Published Aug 19, 2013 12y ago
Last Modified Jun 16, 2026 2w ago

Description

Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service (crash) and possibly execute arbitrary code in certain applications that use PuTTY via a negative size value in an RSA key signature during the SSH handshake, which triggers a heap-based buffer overflow.

Threat Intelligence

EPSS Exploit Probability
87.5% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-189

Affected Products 57

Vendor        Product       Version     Range
winscp        winscp        *           ≤5.1.5
winscp        winscp        3.7.6       any
winscp        winscp        3.8.2       any
winscp        winscp        3.8_beta    any
winscp        winscp        4.0.4       any
winscp        winscp        4.0.5       any
winscp        winscp        4.2.6       any
winscp        winscp        4.2.7       any
winscp        winscp        4.2.8       any
winscp        winscp        4.2.9       any
winscp        winscp        4.3.2       any
winscp        winscp        4.3.4       any
winscp        winscp        4.3.5       any
winscp        winscp        4.3.6       any
winscp        winscp        4.3.7       any
winscp        winscp        4.3.8       any
winscp        winscp        4.3.9       any
winscp        winscp        4.4.0       any
winscp        winscp        5.0         any
winscp        winscp        5.0.1       any
winscp        winscp        5.0.2       any
winscp        winscp        5.0.3       any
winscp        winscp        5.0.4       any
winscp        winscp        5.0.5       any
winscp        winscp        5.0.6       any
winscp        winscp        5.0.7       any
winscp        winscp        5.0.8       any
winscp        winscp        5.0.9       any
winscp        winscp        5.1         any
winscp        winscp        5.1.1       any
winscp        winscp        5.1.2       any
winscp        winscp        5.1.3       any
winscp        winscp        5.1.4       any
debian        debian_linux  6.0         any
debian        debian_linux  7.0         any
debian        debian_linux  7.1         any
opensuse      opensuse      12.3        any
putty         putty         0.45        any
putty         putty         0.46        any
putty         putty         0.47        any
putty         putty         0.48        any
putty         putty         0.49        any
putty         putty         0.50        any
putty         putty         0.51        any
putty         putty         0.52        any
putty         putty         0.53b       any
putty         putty         0.54        any
putty         putty         0.55        any
putty         putty         0.56        any
putty         putty         0.57        any
putty         putty         0.58        any
putty         putty         0.59        any
putty         putty         0.60        any
putty         putty         0.61        any
putty         putty         2010-06-01  any
simon_tatham  putty         *           ≤0.62
simon_tatham  putty         0.53        any

References 11

  • bugs.debian.org http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718779
  • lists.opensuse.org http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html
  • lists.opensuse.org http://lists.opensuse.org/opensuse-updates/2013-08/msg00041.html
  • secunia.com http://secunia.com/advisories/54379
    Vendor Advisory
  • secunia.com http://secunia.com/advisories/54517
  • secunia.com http://secunia.com/advisories/54533
  • svn.tartarus.org http://svn.tartarus.org/sgt?view=revision&sortby=date&revision=9896
  • winscp.net http://winscp.net/tracker/show_bug.cgi?id=1017
  • chiark.greenend.org.uk http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-signature-stringlen.html
    Vendor Advisory
  • debian.org http://www.debian.org/security/2013/dsa-2736
  • search-lab.hu http://www.search-lab.hu/advisories/secadv-20130722

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.