Ipswitch WS_FTP Professional 'HTTP' Response Format String Vulnerability

Summary
This host is installed with WS_FTP professinal client and is prone to format string vulnerability.
Impact
Successful exploitation will allow attacker to execute arbitrary code in the context of the vulnerable application, failed exploit attempts will likely result in a denial-of-service condition.
Solution
Upgrade to WS_FTP Professional version 12.2, For updates refer to http://www.ipswitchft.com/Individual/Products/Ws_Ftp_Pro/
Insight
The flaw is due to error in 'formatted-printing()' function. It fails to properly sanitize user supplied input before passing it as the format specifier. Specifically, the issue presents itself when the client parses specially crafted responses for a malicious HTTP server.
Affected
WS_FTP Professional version prior to 12.2
References