VDB
GCVE-110-MAGEIA-2016-118
GCVE-110-MAGEIA-2016-118
Advisory Published
Many versions of PSCP in PuTTY prior to 0.67 have a stack corruption
vulnerability in their treatment of the 'sink' direction (i.e. downloading
from server to client) of the old-style SCP protocol. In order for this
vulnerability to be exploited, the user must connect to a malicious server
and attempt to download any file (CVE-2016-2563).
FileZilla was vulnerable to this issue as it bundles a copy of PuTTY. The
filezilla package has been updated to version 3.16.1, which fixes this
issue and has many other fixes and enhancements.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | pcmanfm | 1.2.3-2.2.mga5 (unaffected), 0 (affected) | — |
| Mageia | filezilla | 0 (affected), 3.16.1-1.mga5 (unaffected), 0 (affected), 3.16.1-1.mga5 (unaffected) | — |
| Mageia | pugixml | 0 (affected), 1.7-1.mga5 (unaffected), 0 (affected), 1.7-1.mga5 (unaffected) | — |
| Mageia | libfilezilla | 0 (affected), 0.4.0.1-1.mga5 (unaffected), 0 (affected), 0.4.0.1-1.mga5 (unaffected) | — |
Aliases
References
Browse GCVE Records
73,161 records in the GCVE database · Updated July 16, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.