Search
Find a vulnerability
Search criteria
4 vulnerabilities found for easymail_objects by quicksoft
CVE-2007-4607 (GCVE-0-2007-4607)
Vulnerability from nvd – Published: 2007-08-31 00:00 – Updated: 2024-08-07 15:01
VLAI
Summary
Buffer overflow in the EasyMailSMTPObj ActiveX control in emsmtp.dll 6.0.1 in the Quiksoft EasyMail SMTP Object, as used in Postcast Server Pro 3.0.61 and other products, allows remote attackers to execute arbitrary code via a long argument to the SubmitToExpress method, a different vulnerability than CVE-2007-1029. NOTE: this may have been fixed in version 6.0.3.15.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/25467 | vdb-entryx_refsource_BID |
| http://www.kb.cert.org/vuls/id/281977 | third-party-advisoryx_refsource_CERT-VN |
| http://secunia.com/advisories/24199 | third-party-advisoryx_refsource_SECUNIA |
| http://secunia.com/advisories/26639 | third-party-advisoryx_refsource_SECUNIA |
| http://retrogod.altervista.org/postcast-emsmtp_bof.html | x_refsource_MISC |
| https://community.ivanti.com/docs/DOC-50988 | x_refsource_MISC |
| http://osvdb.org/38335 | vdb-entryx_refsource_OSVDB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| https://www.exploit-db.com/exploits/4328 | exploitx_refsource_EXPLOIT-DB |
| http://archives.neohapsis.com/archives/bugtraq/20… | mailing-listx_refsource_BUGTRAQ |
Date Public
2007-08-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:01:09.731Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "25467",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25467"
},
{
"name": "VU#281977",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/281977"
},
{
"name": "24199",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24199"
},
{
"name": "26639",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26639"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://retrogod.altervista.org/postcast-emsmtp_bof.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.ivanti.com/docs/DOC-50988"
},
{
"name": "38335",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/38335"
},
{
"name": "easymail-submittoexpress-bo(36307)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36307"
},
{
"name": "4328",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/4328"
},
{
"name": "20130424 Borland Caliber 11.0 Quiksoft EasyMail SMTP Object Buffer Overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-04/0220.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the EasyMailSMTPObj ActiveX control in emsmtp.dll 6.0.1 in the Quiksoft EasyMail SMTP Object, as used in Postcast Server Pro 3.0.61 and other products, allows remote attackers to execute arbitrary code via a long argument to the SubmitToExpress method, a different vulnerability than CVE-2007-1029. NOTE: this may have been fixed in version 6.0.3.15."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-28T16:57:02.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "25467",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25467"
},
{
"name": "VU#281977",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/281977"
},
{
"name": "24199",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24199"
},
{
"name": "26639",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26639"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://retrogod.altervista.org/postcast-emsmtp_bof.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.ivanti.com/docs/DOC-50988"
},
{
"name": "38335",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/38335"
},
{
"name": "easymail-submittoexpress-bo(36307)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36307"
},
{
"name": "4328",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/4328"
},
{
"name": "20130424 Borland Caliber 11.0 Quiksoft EasyMail SMTP Object Buffer Overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-04/0220.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4607",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the EasyMailSMTPObj ActiveX control in emsmtp.dll 6.0.1 in the Quiksoft EasyMail SMTP Object, as used in Postcast Server Pro 3.0.61 and other products, allows remote attackers to execute arbitrary code via a long argument to the SubmitToExpress method, a different vulnerability than CVE-2007-1029. NOTE: this may have been fixed in version 6.0.3.15."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25467",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25467"
},
{
"name": "VU#281977",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/281977"
},
{
"name": "24199",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24199"
},
{
"name": "26639",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26639"
},
{
"name": "http://retrogod.altervista.org/postcast-emsmtp_bof.html",
"refsource": "MISC",
"url": "http://retrogod.altervista.org/postcast-emsmtp_bof.html"
},
{
"name": "https://community.ivanti.com/docs/DOC-50988",
"refsource": "MISC",
"url": "https://community.ivanti.com/docs/DOC-50988"
},
{
"name": "38335",
"refsource": "OSVDB",
"url": "http://osvdb.org/38335"
},
{
"name": "easymail-submittoexpress-bo(36307)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36307"
},
{
"name": "4328",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4328"
},
{
"name": "20130424 Borland Caliber 11.0 Quiksoft EasyMail SMTP Object Buffer Overflows",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-04/0220.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4607",
"datePublished": "2007-08-31T00:00:00.000Z",
"dateReserved": "2007-08-30T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:01:09.731Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1029 (GCVE-0-2007-1029)
Vulnerability from nvd – Published: 2007-02-21 11:00 – Updated: 2024-08-07 12:43
VLAI
Summary
Stack-based buffer overflow in the Connect method in the IMAP4 component in Quiksoft EasyMail Objects before 6.5 allows remote attackers to execute arbitrary code via a long host name.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/22583 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2007/0634 | vdb-entryx_refsource_VUPEN |
| http://www.osvdb.org/33208 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/24199 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://security-assessment.com/files/advisories/e… | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/460237/100… | mailing-listx_refsource_BUGTRAQ |
| http://securityreason.com/securityalert/2277 | third-party-advisoryx_refsource_SREASON |
Date Public
2007-02-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:43:22.502Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "22583",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22583"
},
{
"name": "ADV-2007-0634",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0634"
},
{
"name": "33208",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/33208"
},
{
"name": "24199",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24199"
},
{
"name": "easymailobjects-connect-bo(32540)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32540"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://security-assessment.com/files/advisories/easymail_advisory.pdf"
},
{
"name": "20070215 EasyMail Objects v6.5 Connect Method Stack Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/460237/100/0/threaded"
},
{
"name": "2277",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2277"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the Connect method in the IMAP4 component in Quiksoft EasyMail Objects before 6.5 allows remote attackers to execute arbitrary code via a long host name."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "22583",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22583"
},
{
"name": "ADV-2007-0634",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0634"
},
{
"name": "33208",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/33208"
},
{
"name": "24199",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24199"
},
{
"name": "easymailobjects-connect-bo(32540)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32540"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://security-assessment.com/files/advisories/easymail_advisory.pdf"
},
{
"name": "20070215 EasyMail Objects v6.5 Connect Method Stack Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/460237/100/0/threaded"
},
{
"name": "2277",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2277"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1029",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the Connect method in the IMAP4 component in Quiksoft EasyMail Objects before 6.5 allows remote attackers to execute arbitrary code via a long host name."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "22583",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22583"
},
{
"name": "ADV-2007-0634",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0634"
},
{
"name": "33208",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/33208"
},
{
"name": "24199",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24199"
},
{
"name": "easymailobjects-connect-bo(32540)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32540"
},
{
"name": "http://security-assessment.com/files/advisories/easymail_advisory.pdf",
"refsource": "MISC",
"url": "http://security-assessment.com/files/advisories/easymail_advisory.pdf"
},
{
"name": "20070215 EasyMail Objects v6.5 Connect Method Stack Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/460237/100/0/threaded"
},
{
"name": "2277",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2277"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1029",
"datePublished": "2007-02-21T11:00:00.000Z",
"dateReserved": "2007-02-20T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:43:22.502Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4607 (GCVE-0-2007-4607)
Vulnerability from cvelistv5 – Published: 2007-08-31 00:00 – Updated: 2024-08-07 15:01
VLAI
Summary
Buffer overflow in the EasyMailSMTPObj ActiveX control in emsmtp.dll 6.0.1 in the Quiksoft EasyMail SMTP Object, as used in Postcast Server Pro 3.0.61 and other products, allows remote attackers to execute arbitrary code via a long argument to the SubmitToExpress method, a different vulnerability than CVE-2007-1029. NOTE: this may have been fixed in version 6.0.3.15.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/25467 | vdb-entryx_refsource_BID |
| http://www.kb.cert.org/vuls/id/281977 | third-party-advisoryx_refsource_CERT-VN |
| http://secunia.com/advisories/24199 | third-party-advisoryx_refsource_SECUNIA |
| http://secunia.com/advisories/26639 | third-party-advisoryx_refsource_SECUNIA |
| http://retrogod.altervista.org/postcast-emsmtp_bof.html | x_refsource_MISC |
| https://community.ivanti.com/docs/DOC-50988 | x_refsource_MISC |
| http://osvdb.org/38335 | vdb-entryx_refsource_OSVDB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| https://www.exploit-db.com/exploits/4328 | exploitx_refsource_EXPLOIT-DB |
| http://archives.neohapsis.com/archives/bugtraq/20… | mailing-listx_refsource_BUGTRAQ |
Date Public
2007-08-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:01:09.731Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "25467",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25467"
},
{
"name": "VU#281977",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/281977"
},
{
"name": "24199",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24199"
},
{
"name": "26639",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26639"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://retrogod.altervista.org/postcast-emsmtp_bof.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.ivanti.com/docs/DOC-50988"
},
{
"name": "38335",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/38335"
},
{
"name": "easymail-submittoexpress-bo(36307)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36307"
},
{
"name": "4328",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/4328"
},
{
"name": "20130424 Borland Caliber 11.0 Quiksoft EasyMail SMTP Object Buffer Overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-04/0220.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the EasyMailSMTPObj ActiveX control in emsmtp.dll 6.0.1 in the Quiksoft EasyMail SMTP Object, as used in Postcast Server Pro 3.0.61 and other products, allows remote attackers to execute arbitrary code via a long argument to the SubmitToExpress method, a different vulnerability than CVE-2007-1029. NOTE: this may have been fixed in version 6.0.3.15."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-28T16:57:02.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "25467",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25467"
},
{
"name": "VU#281977",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/281977"
},
{
"name": "24199",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24199"
},
{
"name": "26639",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26639"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://retrogod.altervista.org/postcast-emsmtp_bof.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.ivanti.com/docs/DOC-50988"
},
{
"name": "38335",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/38335"
},
{
"name": "easymail-submittoexpress-bo(36307)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36307"
},
{
"name": "4328",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/4328"
},
{
"name": "20130424 Borland Caliber 11.0 Quiksoft EasyMail SMTP Object Buffer Overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-04/0220.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4607",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the EasyMailSMTPObj ActiveX control in emsmtp.dll 6.0.1 in the Quiksoft EasyMail SMTP Object, as used in Postcast Server Pro 3.0.61 and other products, allows remote attackers to execute arbitrary code via a long argument to the SubmitToExpress method, a different vulnerability than CVE-2007-1029. NOTE: this may have been fixed in version 6.0.3.15."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25467",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25467"
},
{
"name": "VU#281977",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/281977"
},
{
"name": "24199",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24199"
},
{
"name": "26639",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26639"
},
{
"name": "http://retrogod.altervista.org/postcast-emsmtp_bof.html",
"refsource": "MISC",
"url": "http://retrogod.altervista.org/postcast-emsmtp_bof.html"
},
{
"name": "https://community.ivanti.com/docs/DOC-50988",
"refsource": "MISC",
"url": "https://community.ivanti.com/docs/DOC-50988"
},
{
"name": "38335",
"refsource": "OSVDB",
"url": "http://osvdb.org/38335"
},
{
"name": "easymail-submittoexpress-bo(36307)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36307"
},
{
"name": "4328",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4328"
},
{
"name": "20130424 Borland Caliber 11.0 Quiksoft EasyMail SMTP Object Buffer Overflows",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-04/0220.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4607",
"datePublished": "2007-08-31T00:00:00.000Z",
"dateReserved": "2007-08-30T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:01:09.731Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1029 (GCVE-0-2007-1029)
Vulnerability from cvelistv5 – Published: 2007-02-21 11:00 – Updated: 2024-08-07 12:43
VLAI
Summary
Stack-based buffer overflow in the Connect method in the IMAP4 component in Quiksoft EasyMail Objects before 6.5 allows remote attackers to execute arbitrary code via a long host name.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/22583 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2007/0634 | vdb-entryx_refsource_VUPEN |
| http://www.osvdb.org/33208 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/24199 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://security-assessment.com/files/advisories/e… | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/460237/100… | mailing-listx_refsource_BUGTRAQ |
| http://securityreason.com/securityalert/2277 | third-party-advisoryx_refsource_SREASON |
Date Public
2007-02-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:43:22.502Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "22583",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22583"
},
{
"name": "ADV-2007-0634",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0634"
},
{
"name": "33208",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/33208"
},
{
"name": "24199",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24199"
},
{
"name": "easymailobjects-connect-bo(32540)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32540"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://security-assessment.com/files/advisories/easymail_advisory.pdf"
},
{
"name": "20070215 EasyMail Objects v6.5 Connect Method Stack Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/460237/100/0/threaded"
},
{
"name": "2277",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2277"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the Connect method in the IMAP4 component in Quiksoft EasyMail Objects before 6.5 allows remote attackers to execute arbitrary code via a long host name."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "22583",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22583"
},
{
"name": "ADV-2007-0634",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0634"
},
{
"name": "33208",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/33208"
},
{
"name": "24199",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24199"
},
{
"name": "easymailobjects-connect-bo(32540)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32540"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://security-assessment.com/files/advisories/easymail_advisory.pdf"
},
{
"name": "20070215 EasyMail Objects v6.5 Connect Method Stack Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/460237/100/0/threaded"
},
{
"name": "2277",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2277"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1029",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the Connect method in the IMAP4 component in Quiksoft EasyMail Objects before 6.5 allows remote attackers to execute arbitrary code via a long host name."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "22583",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22583"
},
{
"name": "ADV-2007-0634",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0634"
},
{
"name": "33208",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/33208"
},
{
"name": "24199",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24199"
},
{
"name": "easymailobjects-connect-bo(32540)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32540"
},
{
"name": "http://security-assessment.com/files/advisories/easymail_advisory.pdf",
"refsource": "MISC",
"url": "http://security-assessment.com/files/advisories/easymail_advisory.pdf"
},
{
"name": "20070215 EasyMail Objects v6.5 Connect Method Stack Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/460237/100/0/threaded"
},
{
"name": "2277",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2277"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1029",
"datePublished": "2007-02-21T11:00:00.000Z",
"dateReserved": "2007-02-20T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:43:22.502Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}