Описание
Multiple heap-based buffer overflows in avirus.exe in Novell NetMail 3.5.2 before Messaging Architects M+NetMail 3.52f (aka 3.5.2F) allows remote attackers to execute arbitrary code via unspecified ASCII integers used as memory allocation arguments, aka "ZDI-CAN-162."
Ссылки
- PatchVendor Advisory
- Vendor Advisory
- PatchVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:novell:netmail:3.5.2:a:*:*:*:*:*:*
cpe:2.3:a:novell:netmail:3.5.2:b:*:*:*:*:*:*
cpe:2.3:a:novell:netmail:3.5.2:c:*:*:*:*:*:*
cpe:2.3:a:novell:netmail:3.5.2:c1:*:*:*:*:*:*
cpe:2.3:a:novell:netmail:3.5.2:d:*:*:*:*:*:*
cpe:2.3:a:novell:netmail:3.5.2:e-ftfl:*:*:*:*:*:*
EPSS
Процентиль: 94%
0.13535
Средний
6.8 Medium
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
почти 4 года назад
Multiple heap-based buffer overflows in avirus.exe in Novell NetMail 3.5.2 before Messaging Architects M+NetMail 3.52f (aka 3.5.2F) allows remote attackers to execute arbitrary code via unspecified ASCII integers used as memory allocation arguments, aka "ZDI-CAN-162."
EPSS
Процентиль: 94%
0.13535
Средний
6.8 Medium
CVSS2
Дефекты
CWE-119