Intrusion Prevention

BulletProof.FTP.Client.BPS.File.Buffer.Overflow

Description

This indicates an attack attempt against a stack buffer overflow vulnerability in BulletProof FTP Client 2010.
The vulnerability is due to insufficient sanitization of user-supplied input when the application handles a crafted .BPS file. A remote attacker may be able to exploit this, via a crafted .BPS file, to execute arbitrary code within the context of the application.

Affected Products

BulletProof FTP Client 2010 on Windows XP SP3

Impact

System Compromise: Remote attackers can execute arbitrary script code within the context of the target user's browser

Recommended Actions

Currently we are unaware of any vendor-supplied patch for this issue.

CVE References

CVE-2008-5754, CVE-2014-2973