From the recent CVE 2008-5754 alert:
Stack-based buffer overflow in BulletProof FTP Client allows user-assisted attackers to execute arbitrary code via a .bps file (aka Session-File) with a long second line, possibly a related issue to CVE-2008-5753.
Notice anything ironic?
Moral of the story: keep your marketing people reigned in.