File Transfer Manager ActiveX Control Vulnerabilities in Microsoft Products
CVE-2002-0978

Currently unrated

Key Information:

Vendor: Microsoft
Status: File Transfer Manager
Vendor: CVE Published:; 24 September 2002

What is CVE-2002-0978?

The Microsoft File Transfer Manager (FTM) ActiveX control versions before 4.0 is susceptible to vulnerabilities that allow remote attackers to exploit the application through man-in-the-middle attacks. By manipulating the TGT and TGN parameters during a call to the 'Persist' function, attackers can upload or download arbitrary files to unintended locations, posing significant security risks to users.

References

http://archives.neohapsis.com/archives/bugtraq/2002-08/01...

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 24, 2002
Vulnerability Reserved
Aug 21, 2002