This page aggregates publicly disclosed CVE and security risk information related to iglooftp, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2004-1277 | The download_selection_recursive() function in ftplist.c for IglooFTP 0.6.1 allows remote malicious FTP servers to overwrite arbitrary files via filenames that contain / (slash) characters. | [email protected] | 5.0 | 0.43% | 2005-01-10 | 2026-04-16 |
| CVE-2004-1276 | IglooFTP 0.6.1, when recursively uploading a directory, allows local users to overwrite the files that are being uploaded by creating temporary files with names generated by the tmpnam function, before the files are opened by IglooFTP. | [email protected] | 2.1 | 0.06% | 2005-01-10 | 2026-04-16 |
| CVE-2003-0561 | Multiple buffer overflows in IglooFTP PRO 3.8 allow remote FTP servers to execute arbitrary code via (1) a long FTP banner, or long responses to the client commands (2) USER, (3) PASS, (4) ACCT, and possibly other commands. | [email protected] | 7.5 | 7.40% | 2003-08-18 | 2026-04-16 |