VYPR
Unrated severityNVD Advisory· Published Dec 13, 2011· Updated Jun 16, 2026

CVE-2011-4266

CVE-2011-4266

Description

Untrusted search path vulnerability in FFFTP before 1.98d allows local users to gain privileges via a Trojan horse executable file in a directory that is accessed for reading an extensionless file, as demonstrated by executing the README.exe file when a user attempts to access the README file, a different vulnerability than CVE-2011-3991.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

40
  • Ffftp/Ffftp40 versions
    cpe:2.3:a:ffftp:ffftp:1.79a:*:*:*:*:*:*:*+ 39 more
    • cpe:2.3:a:ffftp:ffftp:1.79a:*:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:1.80:*:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:1.81:*:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:1.82:*:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:1.83:*:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:1.84:*:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:1.85:*:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:1.86:*:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:1.86a:*:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:1.87:*:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:1.87a:*:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:1.88:*:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:1.88a:*:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:1.88b:*:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:1.89:*:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:1.89a:*:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:1.89b:*:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:1.90:*:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:1.91:*:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:1.92:*:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:1.92a:*:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:1.92b:*:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:1.92c:*:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:1.93:*:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:1.94:*:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:1.94a:*:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:1.95:*:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:1.96:*:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:1.96a:*:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:1.96b:*:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:1.96c:*:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:1.96d:*:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:1.97:*:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:1.97a:*:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:1.97b:*:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:1.98:*:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:1.98:a:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:1.98:b:*:*:*:*:*:*
    • cpe:2.3:a:ffftp:ffftp:*:c:*:*:*:*:*:*range: <=1.98
    • (no CPE)range: <1.98d

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.