Lucene search

[email protected]CVE-2007-4646

HistoryAug 31, 2007 - 11:17 p.m.

CVE-2007-4646

2007-08-3123:17:00

CWE-94

[email protected]

web.nvd.nist.gov

cve

buffer overflow

hexamail server

denial of service

remote attack

arbitrary code execution

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

High

0.617 Medium

EPSS

Percentile

97.8%

JSON

Buffer overflow in the pop3 service in Hexamail Server 3.0.0.001 Lite allows remote attackers to cause a denial of service (daemon crash) and probably execute arbitrary code via a long USER command.

Affected configurations

NVD

Node

hexamailhexamail_serverMatch3.0.0.001_lite

CPENameOperatorVersion
hexamail:hexamail_serverhexamail hexamail servereq3.0.0.001_lite

CPE	Name	Operator	Version
hexamail:hexamail_server	hexamail hexamail server	eq	3.0.0.001_lite

References

secunia.com/advisories/26666

www.securityfocus.com/bid/25496

www.securitytracker.com/id?1018637

www.vupen.com/english/advisories/2007/3044

exchange.xforce.ibmcloud.com/vulnerabilities/36369

www.exploit-db.com/exploits/4344

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

High

0.617 Medium

EPSS

Percentile

97.8%

JSON

Related for CVE-2007-4646

nessus2 prion1 cvelist1 nvd1