{ "affected": [ { "database_specific": { "unresolved_ranges": [ { "events": [ { "introduced": "0" }, { "last_affected": "29" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "30" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.0" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "9.0" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "10.0" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.0" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "9.0" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "10.0" } ] }, { "events": [ { "introduced": "2.0" }, { "fixed": "2.2" } ] } ] }, "ranges": [ { "database_specific": { "versions": [ { "introduced": "0" }, { "last_affected": "1.3.5b" } ] }, "events": [ { "introduced": "0" }, { "last_affected": "46a4c089eec7dfc9b7c168c98bdb06371eb694ef" } ], "repo": "https://github.com/proftpd/proftpd", "type": "GIT" } ] } ], "details": "An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306.", "id": "CVE-2019-12815", "modified": "2026-04-01T23:09:49.080146037Z", "published": "2019-07-19T23:15:11.030Z", "references": [ { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00004.html" }, { "type": "WEB", "url": "http://seclists.org/fulldisclosure/2024/Aug/35" }, { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XM5FPBAGSIKV6YJZEPM6GPGJO5JFT7XU/" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00022.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00009.html" }, { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OJDQ3XUYWO42TJBO53NUWDZRA35QMVEI/" }, { "type": "ADVISORY", "url": "https://security.gentoo.org/glsa/201908-16" }, { "type": "ADVISORY", "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00006.html" }, { "type": "ADVISORY", "url": "https://www.debian.org/security/2019/dsa-4491" }, { "type": "ADVISORY", "url": "http://www.securityfocus.com/bid/109339" }, { "type": "ADVISORY", "url": "https://seclists.org/bugtraq/2019/Aug/3" }, { "type": "ADVISORY", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940889.pdf" }, { "type": "FIX", "url": "https://tbspace.de/cve201912815proftpd.html" }, { "type": "FIX", "url": "http://bugs.proftpd.org/show_bug.cgi?id=4372" }, { "type": "FIX", "url": "https://github.com/proftpd/proftpd/pull/816" } ], "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" } ] }