SHARE
CORE IMPACT v7.6 - Exploits Update (Mon Dec 15 2008)
Mercury IMAPD Login Buffer Overflow Exploit
Exploits/Remote [Windows]
• Mon Dec 15 2008
This module allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing the Mercury Mail Transport System. The vulnerability is caused due to a boundary error within Mercury/32 IMAPD Server Module (mercuryi.dll). This issue is due to a failure of the application to properly bounds check user-supplied data prior to copying it to a fixed size memory buffer. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to the affected command. Authentication is not required to exploit this vulnerability.
Exploits Vulnerabiltiy: CVE-2006-5961