Nawaf Alkeraithe

Easy Video to iPod Converter 1.6.20 contains a local buffer overflow vulnerability in the user registration field that allows local attackers to overwrite the structured exception handler. Attackers can input a crafted payload exceeding 996 bytes in the username field to trigger SEH overwrite and execute arbitrary code with user privileges.

**Name of the Vulnerable Software and Affected Versions** Wing FTP Server version 6.0.7 **Description** The software contains an unquoted service path issue that may allow local attackers to execute arbitrary code with elevated system privileges. Exploitation involves the unquoted binary path within the service configuration, enabling the injection of malicious executables that run with LocalSystem permissions. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.