Ipswitch WS_FTP Client Format String Vulnerability

Ipswitch WS_FTP client is prone to a format-string vulnerability it fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function.

An attacker may exploit this issue to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will likely result in a denial-of-service condition.

This issue affects the WS_FTP Home and WS_FTP Professional clients.


 

Privacy Statement
Copyright 2010, SecurityFocus