Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4607

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2007-4607
Last Modified 12 Dec 2013 10:53:25
Published 30 Aug 2007 08:17:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-4607

Summary

Buffer overflow in the EasyMailSMTPObj ActiveX control in emsmtp.dll 6.0.1 in the Quiksoft EasyMail SMTP Object, as used in Postcast Server Pro 3.0.61, allows remote attackers to execute arbitrary code via a long argument to the SubmitToExpress method, a different vulnerability than CVE-2007-1029.

Vulnerable Systems

Application

  • Gate Comm Software Postcast Server Pro 3.0.61

  • Quicksoft Easymail Objects


References

CERT-VN - VU#281977

BID - 25467

MILW0RM - 4328

OSVDB - 38335

XF - easymail-submittoexpress-bo(36307)

SECUNIA - 26639

SECUNIA - 24199

MISC - http://retrogod.altervista.org/postcast-emsmtp_bof.html

BUGTRAQ - 20130424 Borland Caliber 11.0 Quiksoft EasyMail SMTP Object Buffer Overflows


Last Updated: 27 May 2016 11:03:54