Описание
Buffer overflow in Internet Mail Connector (IMC) for Microsoft Exchange Server 5.5 allows remote attackers to execute arbitrary code via an EHLO request from a system with a long name as obtained through a reverse DNS lookup, which triggers the overflow in IMC's hello response.
Ссылки
- Broken Link
- Broken Link
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
- Broken Link
- Broken Link
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:microsoft:exchange_server:5.5:-:*:*:*:*:*:*
cpe:2.3:a:microsoft:exchange_server:5.5:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:exchange_server:5.5:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:exchange_server:5.5:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:exchange_server:5.5:sp4:*:*:*:*:*:*
EPSS
Процентиль: 95%
0.17116
Средний
7.5 High
CVSS2
Дефекты
CWE-120
Связанные уязвимости
github
почти 4 года назад
Buffer overflow in Internet Mail Connector (IMC) for Microsoft Exchange Server 5.5 allows remote attackers to execute arbitrary code via an EHLO request from a system with a long name as obtained through a reverse DNS lookup, which triggers the overflow in IMC's hello response.
EPSS
Процентиль: 95%
0.17116
Средний
7.5 High
CVSS2
Дефекты
CWE-120