{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Core FTP Pro versions 2.1 build 1565 et ant\u00e9rieures.","product":{"name":"Core","vendor":{"name":"Owncloud","scada":false}}},{"description":"Core FTP LE versions 2.1 build 1565 et ant\u00e9rieures ;","product":{"name":"Core","vendor":{"name":"Owncloud","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nUne vuln\u00e9rabilit\u00e9 de type \u00ab travers\u00e9e de r\u00e9pertoires \u00bb a \u00e9t\u00e9 d\u00e9couverte\ndans le client Core FTP. Un utilisateur malintentionn\u00e9 peut, par le\nbiais d'un lien de t\u00e9l\u00e9chargement FTP, ex\u00e9cuter du code arbitraire sur\nla machine de sa victime.\n\n## Solution\n\nMettre \u00e0 jour Core FTP en version 2.1 build 1568 (cf. section\nDocumentation).\n","cves":[],"links":[{"title":"Notes de version 2.1 de Core    FTP du 27 mai 2008 :","url":"http://www.coreftp.com/forums/viewtopic.php?t=6078"},{"title":"Site de t\u00e9l\u00e9chargement de Core    FTP :","url":"http://www.coreftp.com/download.html"}],"reference":"CERTA-2008-AVI-271","revisions":[{"description":"version initiale.","revision_date":"2008-05-27T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire"}],"summary":"Une vuln\u00e9rabilit\u00e9 dans le client <span class=\"textit\">Core FTP</span>\npermet d'ex\u00e9cuter du code arbitraire sur le poste de l'utilisateur.\n","title":"Vuln\u00e9rabilit\u00e9 dans Core FTP","vendor_advisories":[{"published_at":null,"title":"Notes de version 2.1 de Core FTP du 27 mai 2008","url":null}]}