CVE-2007-0330 Information
Description
Buffer overflow in wsbho2k0.dll as used by wsftpurl.exe in Ipswitch WS_FTP 2007 Professional allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long ftp:// URL in an HTML document and possibly other vectors.
Reference
http://osvdb.org/33476
http://securityreason.com/securityalert/2160
http://www.securityfocus.com/archive/1/456755/100/0/threaded
20070112
Ipswitch
WS_FTP
2007
Professional
\wsftpurl
access
violation
vulnerability
http://www.securityfocus.com/archive/1/456901/100/0/threaded
20070114
Re:
Ipswitch
WS_FTP
2007
Professional
\wsftpurl
access
violation
vulnerability
http://www.securityfocus.com/archive/1/457097/100/0/threaded
20070116
Re:
Ipswitch
WS_FTP
2007
Professional
\wsftpurl
access
violation
vulnerability
http://www.securityfocus.com/bid/22062
Buffer
overflow
in
wsbho2k0.dll
as
used
by
wsftpurl.exe
in
Ipswitch
WS_FTP
2007
Professional
allows
remote
attackers
to
cause
a
denial
of
service
(application
crash)
and
possibly
execute
arbitrary
code
via
a
long
ftp://
URL
in
an
HTML
document
and
possibly
other
vectors.