Buffer overflow in the file & folder transfer mechanism for IP Messenger for Win 2.00 through 2.02 allows remote attackers to execute arbitrary code via file with a long filename, which triggers the overflow when the user saves the file.