Unrated severityNVD Advisory· Published Feb 6, 2015· Updated May 6, 2026

CVE-2014-0603

Description

The rftpcom.dll ActiveX control in Attachmate Reflection FTP Client before 14.1.429 allows remote attackers to cause a denial of service (memory corruption) and execute arbitrary code via vectors related to the (1) GetGlobalSettings or (2) GetSiteProperties3 methods, which triggers a dereference of an arbitrary memory address. NOTE: this issue was MERGED with CVE-2014-0606 because it is the same type of vulnerability, affecting the same set of versions, and discovered by the same researcher.

Affected products

Attachmate/Reflection Ftp Client
cpe:2.3:a:attachmate:reflection_ftp_client:*:*:*:*:*:*:*:*
Range: <=14.1.420

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

support.attachmate.com/techdocs/2501.htmlnvdVendor Advisory
www.zerodayinitiative.com/advisories/ZDI-14-288/nvd
www.zerodayinitiative.com/advisories/ZDI-14-291/nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.009
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000