PuTTY 2010-06-01 R8967 Development Snapshot Edition

CPE Details

PuTTY 2010-06-01 R8967 Development Snapshot Edition
putty
putty
2010-06-01
2021-08-06
14h57 +00:00
2021-08-06
14h58 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:putty:putty:2010-06-01:r8967:*:*:development_snapshot:*:*:*

Informations

Vendor

putty

Product

putty

Version

2010-06-01

Update

r8967

Software Edition

development_snapshot

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2013-4206 2013-08-19 21h00 +00:00 Heap-based buffer underflow in the modmul function in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) and possibly trigger memory corruption or code execution via a crafted DSA signature, which is not properly handled when performing certain bit-shifting operations during modular multiplication.
6.8
CVE-2013-4207 2013-08-19 21h00 +00:00 Buffer overflow in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) via an invalid DSA signature that is not properly handled during computation of a modular inverse and triggers the overflow during a division by zero by the bignum functionality, a different vulnerability than CVE-2013-4206.
4.3
CVE-2013-4852 2013-08-19 21h00 +00:00 Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service (crash) and possibly execute arbitrary code in certain applications that use PuTTY via a negative size value in an RSA key signature during the SSH handshake, which triggers a heap-based buffer overflow.
6.8
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.