Lucene search

[email protected]CVE-2006-0637

HistoryFeb 10, 2006 - 11:02 a.m.

CVE-2006-0637

2006-02-1011:02:00

[email protected]

web.nvd.nist.gov

buffer overflow

cram.dll

qualcomm

eudora worldmail 3.0

remote attackers

arbitrary code

imap

append command

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

Low

0.968 High

EPSS

Percentile

99.7%

JSON

Buffer overflow in cram.dll in QUALCOMM Eudora WorldMail 3.0 allows remote attackers to execute arbitrary code via an IMAP APPEND command with a long message literal argument, as demonstrated by Worldmail.pl. NOTE: this is a different vector and a different manipulation than CVE-2005-4267, so it might be a different vulnerability than CVE-2005-4267.

Affected configurations

NVD

Node

qualcommeudora_worldmailMatch3.0

CPENameOperatorVersion
qualcomm:eudora_worldmailqualcomm eudora worldmaileq3.0

CPE	Name	Operator	Version
qualcomm:eudora_worldmail	qualcomm eudora worldmail	eq	3.0

References

www.securityfocus.com/archive/1/424157/100/0/threaded

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

Low

0.968 High

EPSS

Percentile

99.7%

JSON

Related for CVE-2006-0637

prion1 nvd2 cvelist2 packetstorm2 saint4 cve1 openvas2 checkpoint_advisories2 nessus1 securityvulns1 canvas1