CVE-2011-4607

PuTTY 0.59 through 0.61 does not clear sensitive process memory when managing user replies that occur during keyboard-interactive authentication, which might allow local users to read login passwords by obtaining access to the process' memory.

Published : 2013-08-23 16:55 Updated : 2019-03-21 17:04

2.1
CVSS Score More info
Score 2.1 / 10
2.1
Vendor Product Version URI
Putty Putty 0.59 cpe:/a:putty:putty:0.59
Putty Putty 0.60 cpe:/a:putty:putty:0.60
Putty Putty 0.61 cpe:/a:putty:putty:0.61
  1. Putty (1) Search CVE
    1. Putty (3) Search CVE
      1. 0.59
      2. 0.60
      3. 0.61

CWE

ID Name Description Links
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer. CVE

History of changes

Date Event
2019-03-21 17:04
2013-08-23 16:55

New CVE