Download
| Alert*
oval:org.secpod.oval:def:2103513
In WinSCP before 5.14 beta, due to missing validation, the scp implementation would accept arbitrary files sent by the server, potentially overwriting unrelated files. This affects TSCPFileSystem::SCPSink in core/ScpFileSystem.cpp. oval:org.secpod.oval:def:50196 The host is installed with WinSCP before 5.14 beta and is prone to an input validation error vulnerability. A flaw is present in the application, which fails to properly handle the TSCPFileSystem::SCPSink in core/ScpFileSystem.cpp. Successful exploitation could allow scp implementation to accept arb ... |