Lucene search

[email protected]CVE-2008-6447

HistoryMar 09, 2009 - 2:30 p.m.

CVE-2008-6447

2009-03-0914:30:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2008-6447

buffer overflow

emmailstore.dll

quiksoft easymail

mailstore

activex control

remote code execution

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

AI Score

Confidence

Low

0.208 Low

EPSS

Percentile

96.4%

JSON

Buffer overflow in emmailstore.dll 6.5.0.3 in the QuikSoft EasyMail MailStore ActiveX control allows remote attackers to execute arbitrary code via a long first argument to the CreateStore method.

Affected configurations

NVD

Node

quiksofteasymail_mailstore_objectMatch6.5.0.3

CPENameOperatorVersion
quiksoft:easymail_mailstore_objectquiksoft easymail mailstore objecteq6.5.0.3

CPE	Name	Operator	Version
quiksoft:easymail_mailstore_object	quiksoft easymail mailstore object	eq	6.5.0.3

References

www.securityfocus.com/bid/32722

exchange.xforce.ibmcloud.com/vulnerabilities/47207

www.exploit-db.com/exploits/7402

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

AI Score

Confidence

Low

0.208 Low

EPSS

Percentile

96.4%

JSON

Related for CVE-2008-6447

prion1 nvd1 openvas2 cvelist1