Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
FileZilla 3.40.0 Denial of Service via Local Search
Vulnerability Description
FileZilla 3.40.0 contains a denial of service vulnerability in the local search functionality that allows local attackers to crash the application by supplying a malformed path string. Attackers can trigger the crash by entering a crafted path containing 384 'A' characters followed by 'BBBB' and 'CCCC' sequences in the search directory field and initiating a local search operation.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
通过日志文件的信息暴露
Vulnerability Title
FileZilla 日志信息泄露漏洞
Vulnerability Description
FileZilla是FileZilla开源的一款基于Windows平台的开源FTP/SFTP客户端。 FileZilla 3.40.0版本存在日志信息泄露漏洞,该漏洞源于本地搜索功能存在拒绝服务漏洞,可能导致本地攻击者使应用程序崩溃。
CVSS Information
N/A
Vulnerability Type
N/A