CVE-2007-0217
CVE-2007-0217
The wininet.dll FTP client code in Microsoft Internet Explorer 5.01 and 6 might allow remote attackers to execute arbitrary code via an FTP server response of a specific length that causes a terminating null byte to be written outside of a buffer, which causes heap corruption.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/3444unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=473https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-016http://secunia.com/advisories/24156https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1141http://www.kb.cert.org/vuls/id/613564http://www.osvdb.org/31892http://www.securityfocus.com/archive/1/462303/100/0/threadedhttp://www.securityfocus.com/bid/22489http://www.securitytracker.com/id?1017642http://www.us-cert.gov/cas/techalerts/TA07-044A.htmlhttp://www.vupen.com/english/advisories/2007/0584