CVE-2013-4852 vulnerability in Winscp and Other Products
Published on August 19, 2013

Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service (crash) and possibly execute arbitrary code in certain applications that use PuTTY via a negative size value in an RSA key signature during the SSH handshake, which triggers a heap-based buffer overflow.

Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2013-4852

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2013-4852 are published in these products:

Winscp

Debian Linux

OpenSuse

PuTTY

Simontatham Putty

Exploit Probability

EPSS

1.75%

Percentile

82.34%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2013-4852 vulnerability in Winscp and Other ProductsPublished on August 19, 2013

Products Associated with CVE-2013-4852

Exploit Probability

CVE-2013-4852 vulnerability in Winscp and Other Products
Published on August 19, 2013