FileZilla Multiple Remote Format String Vulnerabilities

FileZilla Multiple Remote Format String Vulnerabilities

FileZilla is prone to multiple remote format-string vulnerabilities because the application fails to properly sanitize user-supplied input before using it in the format-specifier argument to a formatted-printing function.

Exploiting these issues allows remote attackers to execute arbitrary machine code in the context of the affected application. Failed exploit attempts will likely crash the application.

FileZilla 3 versions prior to beta 5 are vulnerable to these issues.