WinSCP is "an open source SFTP (SSH File Transfer Protocol) and SCP (Secure CoPy) client for Windows using SSH (Secure SHell). Its main function is safe copying of files between a local and a remote computer". A malicious attacker can send an email containing a link that will cause WinSCP to crash.
The information has been provided by Luca Ercoli.
* WinSCP version 3.5.6 (prior versions might be also vulnerable)
The default installation of WinSCP provides the user with functionality to handle sftp:// and scp:// addresses. The vulnerability exists due to the way the application handles long URL's. A malformed scp:// or sftp:// address embedded in a HTML tag causes the WinSCP application to exhaust CPU and Memory resources. The attacker would need the ability to convince the user to visiting a web site he controlled or opening an HTML e-mail he had prepared. During the denial of service, WinSCP will not display any GUI.
Proof of Concept:
------ WinSCP_DoS1.html --------