WinSCP Protocol Handler Command Line Switch Injection
Author: Dave Lewis
Here is a highly critical advisory for WinSCP.
According to Secunia:
Description:
Kender.Security has discovered a vulnerability in WinSCP, which can be exploited by malicious people to manipulate certain files on a user’s system and potentially to compromise a vulnerable system.
The solution is to download the update version 4.0.4
Tags: WinSCP Vulnerability, CLI Injection, WinSCP Protocol Handler
