Ipswitch WS_FTP 2007 Professional "wsftpurl" access violation vulnerability
||Michal Bucko (sapheal)
|CVSS Base Score
> So it could be remotely
See this note in TXT Version
> exploitable after all.
> On the other hand, most people don't tell their browsers to open up a
> separate application to handle ftp:// links.
I agree. It could be exploited in the aforementioned way(but: WS_FTP is not
registered to handle FTP protocol by default). Now I am thinking of
something else. Could we use a specially crafted FHF file to exploit the
vulnerability? I haven't checked that yet.
Michal Bucko (sapheal)