Winny File Transfer Port Unspecified Remote Overflow
Remote / Network Access
Loss of Integrity
A remote overflow exists in Winny. Winny fails to perform proper bounds checking of unspecified file transfer port commands resulting in a heap-based buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution in the context of the user who executed the Winny, resulting in a loss of integrity.
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.