CVE-2010-20007
BaseFortify
Publication date: 2025-08-21
Last updated on: 2025-08-22
Assigner: VulnCheck
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| seagull | ftp_client | 3.3 |
| rocket_software | bluezone_secure_ftp | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a stack-based buffer overflow in Seagull FTP Client version 3.3 Build 409 and earlier. It occurs in the FTP directory listing parser when the client receives a crafted response to a LIST command containing an excessively long filename. The application does not properly validate the input length, causing a buffer overflow that overwrites the Structured Exception Handler (SEH). This can allow remote attackers to execute arbitrary code on the client system.
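The missing length validation described above is the kind of check a listing parser needs before it copies a filename into a fixed-size stack buffer. The following is an added example, not Seagull's or Rocket Software's code: it assumes a Unix-style `LIST` line with eight fields before the name, and `list_name_field`, `list_entry_name` and `NAME_MAX_LEN` are hypothetical names chosen for illustration.

```c
#include <stdio.h>
#include <string.h>

#define NAME_MAX_LEN 255  /* assumed client-side limit, not from the advisory */

/* Return a pointer to the filename field of a Unix-style LIST line
 * (everything after the 8th whitespace-separated field), or NULL. */
static const char *list_name_field(const char *line)
{
    const char *p = line;
    for (int field = 0; field < 8; field++) {
        p += strspn(p, " \t");              /* skip leading blanks */
        size_t n = strcspn(p, " \t\r\n");   /* length of this field */
        if (n == 0)
            return NULL;                    /* fewer than 9 fields */
        p += n;
    }
    p += strspn(p, " \t");
    return (*p && *p != '\r' && *p != '\n') ? p : NULL;
}

/* Copy the filename into out[outsz]. Returns 0 on success, -1 if the line
 * is malformed or the name does not fit; nothing is truncated silently. */
int list_entry_name(const char *line, char *out, size_t outsz)
{
    const char *name = list_name_field(line);
    if (name == NULL || outsz == 0)
        return -1;
    size_t len = strcspn(name, "\r\n");     /* name ends at CR/LF or NUL */
    if (len >= outsz)                       /* length check before any copy */
        return -1;
    memcpy(out, name, len);
    out[len] = '\0';
    return 0;
}

int main(void)
{
    char name[NAME_MAX_LEN + 1];
    /* Constructed sample listing lines. */
    const char *ok = "-rw-r--r-- 1 ftp ftp 1234 Jan 01 12:00 report final.txt\r\n";
    char big[2048] = "-rw-r--r-- 1 ftp ftp 1234 Jan 01 12:00 ";
    size_t used = strlen(big);
    memset(big + used, 'A', sizeof big - used - 1);  /* oversized filename */
    big[sizeof big - 1] = '\0';
    printf("ok line:   %d (%s)\n", list_entry_name(ok, name, sizeof name), name);
    printf("long line: %d\n", list_entry_name(big, name, sizeof name));
    return 0;
}
```

The oversized entry is rejected rather than truncated, so the caller can log or skip the listing line instead of acting on a partial name.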
How can this vulnerability impact me?
The vulnerability can allow remote attackers to execute arbitrary code on the affected client system. This means an attacker could potentially take control of the system, leading to unauthorized actions such as data theft, system compromise, or further network attacks.
What immediate steps should I take to mitigate this vulnerability?
Users should discontinue use of Seagull FTP Client version 3.3 Build 409 or earlier and switch to BlueZone Secure FTP as advised at the time of disclosure. Avoid connecting to untrusted FTP servers that may send crafted directory listings. Since the product line is discontinued, upgrading to a supported and secure FTP client is recommended.