Secunia Research has discovered a vulnerability in FileCOPA, which can be exploited by malicious users to compromise a vulnerable system. The vulnerability is caused due to an integer underflow error in the FTP service (filecpnt.exe) when processing directory arguments passed to certain FTP commands (e.g. "CWD", "DELE", "MDTM", and "MKD"). This can be exploited to cause a stack-based buffer overflow by passing a specially crafted, overly long argument to one of the affected FTP commands. Successful exploitation allows execution of arbitrary code. Versions below 1.01 are affected.
6d3f11d1b2b6f38b433dbc524097d03ff9fd23e22a35197cc06a5f2749b994e8