- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 19810
- Проверка EDB
-
- Пройдено
- Автор
- USSR LABS
- Тип уязвимости
- DOS
- Платформа
- WINDOWS
- CVE
- cve-2000-0239
- Дата публикации
- 2000-03-16
Atrium Software Mercur WebView WebMail-Client 1.0 - Buffer Overflow
Код:
source: https://www.securityfocus.com/bid/1056/info
WebView WebMail-Client is an add-on for the Mercur SMTP/POP3/IMAP4 Mail Server which allows a user to access email through a web browser.
Insufficient boundary checking exists in the code which handles GET requests, specifically on port 1080. Issuing a GET request containing a string of over 1000 characters on port 1080 will cause the WebView WebMail-Client application to crash.
eg.
http: //target/&mail_user=<string containing over 1000 characters>
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/19810-1.exe
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/19810-2.zip- Источник
- www.exploit-db.com
