CVE-2007-3161

Ace-FTP Client 1.24a - Buffer Overflow via Long FTP Response

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-3161. PoCs published by n00b.

AI-analyzed exploit summary This exploit demonstrates a buffer overflow in Ace-FTP client v1.24a by sending a maliciously crafted response to a connecting client, overwriting SEH handlers. It acts as a fake FTP server to trigger the vulnerability.

Description

Buffer overflow in Ace-FTP Client 1.24a allows user-assisted, remote FTP servers to execute arbitrary code via a long response.

Exploits (1)

exploitdb WORKING POC VERIFIED

by n00b · pythondoswindows

https://www.exploit-db.com/exploits/4058

View Code ZIP pw:eip

This exploit demonstrates a buffer overflow in Ace-FTP client v1.24a by sending a maliciously crafted response to a connecting client, overwriting SEH handlers. It acts as a fake FTP server to trigger the vulnerability.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Theoretical

Target: Ace-FTP client v1.24a

No auth needed

Prerequisites: Network access to the target · Target must connect to the malicious FTP server

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/4058

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/34795

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/24403

Scores

EPSS 0.0330

EPSS Percentile 86.9%

Details

Status published

Products (1)

visicom_media/ace-ftp 1.24a

Published Jun 11, 2007

Tracked Since Feb 18, 2026