Vulnerability in N/a
CVE-2007-0217
The wininet.dll FTP client code in Microsoft Internet Explorer 5.01 and 6 might allow remote attackers to execute arbitrary code via an FTP server response of a specific length that causes a terminating null byte to be written outside of a…
EPSS: 0.758 (98.9th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- 20070213 Microsoft 'wininet.dll' FTP Reply Null Termination Heap Corruption Vulnerability (x_refsource_IDEFENSE, third-party-advisory)
- 31892 (x_refsource_OSVDB, vdb-entry)
- 22489 (vdb-entry, x_refsource_BID)
- VU#613564 (x_refsource_CERT-VN, third-party-advisory)
- TA07-044A (x_refsource_CERT, third-party-advisory)
- 1017642 (vdb-entry, x_refsource_SECTRACK)
- ADV-2007-0584 (vdb-entry, x_refsource_VUPEN)
- 24156 (x_refsource_SECUNIA, third-party-advisory)
- MS07-016 (x_refsource_MS, vendor-advisory)
- 20070309 MS07-016 FTP Response DOS PoC (mailing-list, x_refsource_BUGTRAQ)