Security Advisory

CVE-2014-125114

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-07-25 15:52:16
Last updated 2026-04-07 14:03:22
Assigner VulnCheck
State PUBLISHED

Description

A stack-based buffer overflow vulnerability exists in i-Ftp version 2.20 due to improper handling of the Time attribute within Schedule.xml. By placing a specially crafted Schedule.xml file in the i-Ftp application directory, a remote attacker can trigger a buffer overflow during scheduled download parsing, potentially leading to arbitrary code execution or a crash.