CVE-2013-4852
Publication date 19 August 2013
Last updated 24 July 2024
Ubuntu priority
Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service (crash) and possibly execute arbitrary code in certain applications that use PuTTY via a negative size value in an RSA key signature during the SSH handshake, which triggers a heap-based buffer overflow.
Status
Package | Ubuntu Release | Status |
---|---|---|
filezilla | ||
18.04 LTS bionic |
Not affected
|
|
16.04 LTS xenial |
Not affected
|
|
14.04 LTS trusty | Not in release | |
putty | ||
18.04 LTS bionic |
Fixed 0.63-1
|
|
16.04 LTS xenial |
Fixed 0.63-1
|
|
14.04 LTS trusty |
Fixed 0.63-1
|
|