CVE-2007-0217

Microsoft Internet Explorer <6 - RCE

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-0217. PoCs published by Mathew Rowley.

AI-analyzed exploit summary This exploit demonstrates a heap overflow vulnerability in Microsoft FTP Server by sending a crafted response of exactly 1024 characters, causing a buffer overflow. It targets the FTP protocol handling in Microsoft IIS.

Description

The wininet.dll FTP client code in Microsoft Internet Explorer 5.01 and 6 might allow remote attackers to execute arbitrary code via an FTP server response of a specific length that causes a terminating null byte to be written outside of a buffer, which causes heap corruption.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Mathew Rowley · perldoswindows
https://www.exploit-db.com/exploits/3444

This exploit demonstrates a heap overflow vulnerability in Microsoft FTP Server by sending a crafted response of exactly 1024 characters, causing a buffer overflow. It targets the FTP protocol handling in Microsoft IIS.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Microsoft IIS FTP Server (pre-MS07-016 patch)
No auth needed
Prerequisites: Network access to the target FTP server · FTP server running on the target
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (11)

Core 11
Core References
Third Party Advisory third-party-advisory x_refsource_idefense
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=473
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/31892
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/22489
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/613564
US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA07-044A.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1017642
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/0584
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/24156
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/462303/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1141

Scores

EPSS 0.6081
EPSS Percentile 99.0%

Details

Status published
Products (3)
microsoft/ie 6.0 sp1
microsoft/internet_explorer 5.01 sp4
microsoft/internet_explorer 6.0
Published Feb 13, 2007
Tracked Since Feb 18, 2026