The wininet.dll FTP client code in Microsoft Internet Explorer 5.01 and 6 might allow remote attackers to execute arbitrary code via an FTP server response of a specific length that causes a terminating null byte to be written outside of a buffer, which causes heap corruption.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Windows_2000 | Microsoft | * | * |