CVE-2019-11395
Severity CVSS v4.0:
Pending analysis
Type:
CWE-787
Out-of-bounds Write
Publication date:
22/04/2019
Last modified:
21/07/2021
Description
A buffer overflow in MailCarrier 2.51 allows remote attackers to execute arbitrary code via a long string, as demonstrated by SMTP RCPT TO, POP3 USER, POP3 LIST, POP3 TOP, or POP3 RETR.
Impact
Base Score 3.x
9.80
Severity 3.x
CRITICAL
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:tabslab:mailcarrier:2.51:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://packetstormsecurity.com/files/152502/MailCarrier-2.51-RCPT-TO-Buffer-Overflow.html
- http://packetstormsecurity.com/files/152504/MailCarrier-2.51-USER-Buffer-Overflow.html
- http://packetstormsecurity.com/files/152505/MailCarrier-2.51-LIST-Buffer-Overflow.html
- http://packetstormsecurity.com/files/152506/MailCarrier-2.51-TOP-Buffer-Overflow.html
- http://packetstormsecurity.com/files/152530/MailCarrier-2.51-RETR-Buffer-Overflow.html
- https://packetstormsecurity.com/files/152502/MailCarrier-2.51-RCPT-TO-Buffer-Overflow.html
- https://packetstormsecurity.com/files/152504/MailCarrier-2.51-USER-Buffer-Overflow.html
- https://packetstormsecurity.com/files/152505/MailCarrier-2.51-LIST-Buffer-Overflow.html
- https://packetstormsecurity.com/files/152506/MailCarrier-2.51-TOP-Buffer-Overflow.html
- https://packetstormsecurity.com/files/152530/MailCarrier-2.51-RETR-Buffer-Overflow.html