CVE-2007-0330

Name of the Vulnerable Software and Affected Versions: Ipswitch WS FTP 2007 Professional

Description: The issue is related to a buffer overflow in the wsbho2k0.dll module, used by wsftpurl.exe. This can be triggered by a remote attacker using a long ftp:// URL in an HTML document, potentially leading to a denial of service (application crash) and possibly allowing the execution of arbitrary code.

Recommendations: For Ipswitch WS FTP 2007 Professional, consider disabling the use of the wsbho2k0.dll module or restricting access to the wsftpurl.exe application until a fix is available. Avoid using long ftp:// URLs in HTML documents to minimize the risk of exploitation.