Описание
Stack-based buffer overflow in the IceWarpServer.APIObject ActiveX control in api.dll in IceWarp Merak Mail Server 9.4.1 might allow context-dependent attackers to execute arbitrary code via a large value in the second argument to the Base64FileEncode method, as possibly demonstrated by a web application that accepts untrusted input for this method.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:icewarp:merak_mail_server:9.4.1:*:*:*:*:*:*:*
EPSS
Процентиль: 88%
0.04073
Низкий
7.5 High
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
почти 4 года назад
Stack-based buffer overflow in the IceWarpServer.APIObject ActiveX control in api.dll in IceWarp Merak Mail Server 9.4.1 might allow context-dependent attackers to execute arbitrary code via a large value in the second argument to the Base64FileEncode method, as possibly demonstrated by a web application that accepts untrusted input for this method.
EPSS
Процентиль: 88%
0.04073
Низкий
7.5 High
CVSS2
Дефекты
CWE-119