{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T04:35:03.399","vulnerabilities":[{"cve":{"id":"CVE-2009-4775","sourceIdentifier":"cve@mitre.org","published":"2010-04-21T14:30:00.507","lastModified":"2025-04-11T00:51:21.963","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Format string vulnerability in Ipswitch WS_FTP Professional 12 before 12.2 allows remote attackers to cause a denial of service (crash) via format string specifiers in the status code portion of an HTTP response."},{"lang":"es","value":"Vulnerabilidad de formato de cadena en Ipswitch WS_FTP Professional v12 anterior a v12.2, permite a atacantes remotos provocar una denegación de servicio (caída) a través de especificadores de formato de cadena en el \"status code\" de una respuesta HTTP."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:N/A:P","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-134"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ipswitch:ws_ftp:12.0:-:home:*:*:*:*:*","matchCriteriaId":"826CDF0D-CA1B-44F7-9D8F-CAC5BF28F515"},{"vulnerable":true,"criteria":"cpe:2.3:a:ipswitch:ws_ftp:12.0:-:pro:*:*:*:*:*","matchCriteriaId":"6EC946E4-B2F9-4406-8D0F-98A05AEF7F53"},{"vulnerable":true,"criteria":"cpe:2.3:a:ipswitch:ws_ftp:12.0.1:-:home:*:*:*:*:*","matchCriteriaId":"F1D62B51-9B90-4377-AD99-7F97B66C29A1"},{"vulnerable":true,"criteria":"cpe:2.3:a:ipswitch:ws_ftp:12.0.1:-:pro:*:*:*:*:*","matchCriteriaId":"675B149F-8864-48E6-B813-E09BA2679013"}]}]}],"references":[{"url":"http://docs.ipswitch.com/WS_FTP%20122/ReleaseNotes/English/index.htm?k_id=ipswitch_com_ftp_documents_worldwide_ws_ftp122releasenotesenglish#link23","source":"cve@mitre.org"},{"url":"http://www.exploit-db.com/exploits/9607","source":"cve@mitre.org"},{"url":"http://www.packetstormsecurity.org/0909-exploits/nocoolnameforawsftppoc.pl.txt","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://www.securityfocus.com/bid/36297","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/53098","source":"cve@mitre.org"},{"url":"http://docs.ipswitch.com/WS_FTP%20122/ReleaseNotes/English/index.htm?k_id=ipswitch_com_ftp_documents_worldwide_ws_ftp122releasenotesenglish#link23","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.exploit-db.com/exploits/9607","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.packetstormsecurity.org/0909-exploits/nocoolnameforawsftppoc.pl.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://www.securityfocus.com/bid/36297","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/53098","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}