Executive Summary
Summary | |
---|---|
Title | Quiksoft EasyMail SMTP ActiveX control stack buffer overflow vulnerabilities |
Informations | |||
---|---|---|---|
Name | VU#281977 | First vendor Publication | 2007-08-29 |
Vendor | VU-CERT | Last vendor Modification | 2007-08-30 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Vulnerability Note VU#281977Quiksoft EasyMail SMTP ActiveX control stack buffer overflow vulnerabilitiesOverviewThe Quiksoft EasyMail SMTP ActiveX control contains multiple stack buffer overflow vulnerabilities, which could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.I. DescriptionQuiksoft EasyMail Objects is a set of ActiveX controls that provides email functionality, including SMTP, POP3, and IMAP4. The EasyMail SMTP ActiveX control, which is provided by emsmtp.dll, contains multiple stack buffer overflow vulnerabilities.This control is bundled with several applications, including Earthlink internet access software. Exploit code for this vulnerability is publicly available.
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerActiveX Compatibility{68AC0D5F-0424-11D5-822F-00C04F6BA8D9}] "Compatibility Flags"=dword:00000400 Disabling ActiveX controls in the Internet Zone (or any zone used by an attacker) appears to prevent exploitation of this and other ActiveX vulnerabilities. Instructions for disabling ActiveX in the Internet Zone can be found in the "Securing Your Web Browser" document. Systems Affected
Referenceshttp://www.cert.org/tech_tips/securing_browser/#Internet_Explorer This vulnerability was reported by Will Dormann of the CERT/CC. The vulnerability was also independently discovered and publicly disclosed by rgod. This document was written by Will Dormann.
|
Original Source
Url : http://www.kb.cert.org/vuls/id/281977 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Application | 1 |
ExploitDB Exploits
id | Description |
---|---|
2007-09-23 | EasyMail MessagePrinter Object (emprint.DLL 6.0.1.0) BOF Exploit |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
38335 | EasyMail Objects EasyMailSMTPObj ActiveX (emsmtp.dll) SubmitToExpress Method ... EasyMail Objects is prone to an overflow condition. The EasyMailSMTPObj ActiveX control fails to properly sanitize user-supplied input to the SubmitTo Express method resulting in a stack overflow. With a specially crafted website, a context-dependent attacker can potentially cause arbitrary code execution. |
Snort® IPS/IDS
Date | Description |
---|---|
2020-01-14 | Oracle EasyMail Objects ActiveX clsid access attempt RuleID : 52470 - Revision : 1 - Type : BROWSER-PLUGINS |
2020-01-14 | Oracle EasyMail Objects ActiveX clsid access attempt RuleID : 52469 - Revision : 1 - Type : BROWSER-PLUGINS |
2020-01-14 | Oracle EasyMail Objects ActiveX clsid access attempt RuleID : 52468 - Revision : 1 - Type : BROWSER-PLUGINS |
2020-01-14 | Oracle EasyMail Objects ActiveX clsid access attempt RuleID : 52467 - Revision : 1 - Type : BROWSER-PLUGINS |
2014-01-10 | EasyMail IMAP4 ActiveX function call unicode access RuleID : 16782 - Revision : 3 - Type : WEB-ACTIVEX |
2014-01-10 | EasyMail IMAP4 ActiveX function call access RuleID : 16781 - Revision : 8 - Type : BROWSER-PLUGINS |
2014-01-10 | EasyMail IMAP4 ActiveX clsid unicode access RuleID : 16780 - Revision : 3 - Type : WEB-ACTIVEX |
2014-01-10 | EasyMail IMAP4 ActiveX clsid access RuleID : 16779 - Revision : 8 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Works WkImgSrv.dll ActiveX clsid access attempt RuleID : 16741 - Revision : 6 - Type : BROWSER-PLUGINS |
2014-01-10 | Oracle EasyMail Objects ActiveX exploit attempt RuleID : 16591 - Revision : 11 - Type : BROWSER-PLUGINS |
2014-01-10 | Oracle EasyMail Objects ActiveX exploit attempt RuleID : 16590 - Revision : 11 - Type : BROWSER-PLUGINS |
2014-01-10 | EasyMail Objects ActiveX clsid unicode access RuleID : 12383 - Revision : 4 - Type : WEB-ACTIVEX |
2014-01-10 | Oracle EasyMail Objects ActiveX clsid access RuleID : 12382 - Revision : 9 - Type : BROWSER-PLUGINS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2007-09-25 | Name : The remote Windows host has an ActiveX control that is affected by multiple b... File : easymail_objects_smtp_activex_overflows.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2020-05-23 13:17:15 |
|
2014-02-17 12:07:42 |
|