CVE-2010-20107

CVSS

No CVSS.

A

stack-based buffer overflow exists in FTP Synchronizer Professional <= v4.0.73.274. When the client connects to an FTP server and issues a LIST command—typically during sync preview or profile creation—the server’s response containing an overly long filename triggers a buffer overflow. This results in the corruption of the Structured Exception Handler (SEH), potentially allowing remote code execution.

References

Link	Resource
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/ftp/ftpsynch_list_reply.rb
https://web.archive.org/web/20111016194057/https://www.corelan.be/index.php/2010/10/12/death-of-an-ftp-client/
https://web.archive.org/web/20111016235434/http://www.ftpsynchronizer.com/
https://www.exploit-db.com/exploits/16720
https://www.ftpsynchronizer.com/
https://www.vulncheck.com/advisories/ftp-synchronizer-professional-stack-buffer-overflow
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/ftp/ftpsynch_list_reply.rb
https://www.exploit-db.com/exploits/16720

Configurations

No configuration.

History

22 Aug 2025, 18:08

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-08-21 21:15

Updated : 2025-08-22 18:08

NVD link : CVE-2010-20107

Mitre link : CVE-2010-20107

CVE.ORG link : CVE-2010-20107

JSON object : View

Products Affected

No product.

CWE

CWE-121

Stack-based Buffer Overflow

{"id": "CVE-2010-20107", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.5, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-08-21T21:15:33.610", "references": [{"url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/ftp/ftpsynch_list_reply.rb", "source": "[email protected]"}, {"url": "https://web.archive.org/web/20111016194057/https://www.corelan.be/index.php/2010/10/12/death-of-an-ftp-client/", "source": "[email protected]"}, {"url": "https://web.archive.org/web/20111016235434/http://www.ftpsynchronizer.com/", "source": "[email protected]"}, {"url": "https://www.exploit-db.com/exploits/16720", "source": "[email protected]"}, {"url": "https://www.ftpsynchronizer.com/", "source": "[email protected]"}, {"url": "https://www.vulncheck.com/advisories/ftp-synchronizer-professional-stack-buffer-overflow", "source": "[email protected]"}, {"url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/ftp/ftpsynch_list_reply.rb", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}, {"url": "https://www.exploit-db.com/exploits/16720", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-121"}]}], "descriptions": [{"lang": "en", "value": "A stack-based buffer overflow exists in FTP Synchronizer Professional <= v4.0.73.274. When the client connects to an FTP server and issues a LIST command\u2014typically during sync preview or profile creation\u2014the server\u2019s response containing an overly long filename triggers a buffer overflow. This results in the corruption of the Structured Exception Handler (SEH), potentially allowing remote code execution."}, {"lang": "es", "value": "Existe un desbordamiento de b\u00fafer basado en la pila en FTP Synchronizer Professional (versi\u00f3n anterior a la v4.0.73.274). Cuando el cliente se conecta a un servidor FTP y emite un comando LIST (normalmente durante la vista previa de la sincronizaci\u00f3n o la creaci\u00f3n de un perfil), la respuesta del servidor, que contiene un nombre de archivo demasiado largo, provoca un desbordamiento de b\u00fafer. Esto provoca la corrupci\u00f3n del Gestor de Excepciones Estructuradas (GEH), lo que podr\u00eda permitir la ejecuci\u00f3n remota de c\u00f3digo."}], "lastModified": "2025-08-22T18:08:51.663", "sourceIdentifier": "[email protected]"}