CVE-2005-4267

Опубликовано: 21 дек. 2005

Источник: nvd

CVSS2: 7.5

EPSS Высокий

Описание

Stack-based buffer overflow in Qualcomm WorldMail 3.0 allows remote attackers to execute arbitrary code via a long IMAP command that ends with a "}" character, as demonstrated using long (1) LIST, (2) LSUB, (3) SEARCH TEXT, (4) STATUS INBOX, (5) AUTHENTICATE, (6) FETCH, (7) SELECT, and (8) COPY commands.

Ссылки

http://seclists.org/lists/fulldisclosure/2005/Dec/1037.html
Exploit
Vendor Advisory
http://secunia.com/advisories/17640
Vendor Advisory
http://securityreason.com/securityalert/277
http://securitytracker.com/id?1015391
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=359
Vendor Advisory
http://www.securityfocus.com/bid/15980
Exploit
http://www.vupen.com/english/advisories/2005/3005
Vendor Advisory
http://seclists.org/lists/fulldisclosure/2005/Dec/1037.html
Exploit
Vendor Advisory
http://secunia.com/advisories/17640
Vendor Advisory
http://securityreason.com/securityalert/277
http://securitytracker.com/id?1015391
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=359
Vendor Advisory
http://www.securityfocus.com/bid/15980
Exploit
http://www.vupen.com/english/advisories/2005/3005
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:qualcomm:worldmail:3.0:*:*:*:*:*:*:*

EPSS

Процентиль: 99%

0.75793

Высокий

7.5 High

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-9568-6gjg-jgm8

github

почти 4 года назад