CVE-2009-4663

Опубликовано: 03 мар. 2010

Источник: nvd

CVSS2: 9.3

EPSS Низкий

Описание

Heap-based buffer overflow in the Quiksoft EasyMail Objects 6 ActiveX control allows remote attackers to execute arbitrary code via a long argument to the AddAttachment method.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2013-04/0220.html
http://www.bmgsec.com.au/advisories/easymail-6-activex-exploit.txt
Exploit
http://www.exploit-db.com/exploits/9705
http://www.securityfocus.com/bid/36440
https://exchange.xforce.ibmcloud.com/vulnerabilities/53325
http://archives.neohapsis.com/archives/bugtraq/2013-04/0220.html
http://www.bmgsec.com.au/advisories/easymail-6-activex-exploit.txt
Exploit
http://www.exploit-db.com/exploits/9705
http://www.securityfocus.com/bid/36440
https://exchange.xforce.ibmcloud.com/vulnerabilities/53325

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:quiksoft:easymail_objects:6.0:*:*:*:*:*:*:*

EPSS

Процентиль: 92%

0.08639

Низкий

9.3 Critical

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-fjfh-hvg6-2r3g

github

почти 4 года назад