Description

Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) 7.0, and IIS 7.5, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted FTP command, aka "IIS FTP Service Heap Buffer Overrun Vulnerability." NOTE: some of these details are obtained from third party information.

Remediation

References

CVE-2010-3972

Related Vulnerabilities

WordPress Plugin Twitter Button by BestWebSoft Multiple Cross-Site Scripting Vulnerabilities (2.36)

WordPress Plugin Software License Manager Cross-Site Scripting (4.4.7)

SharePoint URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-1323)

WordPress Plugin Share on Diaspora Cross-Site Scripting (0.7.1)

PHP Other Vulnerability (CVE-2007-1454)

Severity

Critical

Classification

CVE-2010-3972 CWE-119

Tags

Missing Update Known Vulnerabilities