Lucene search

MitreCVE-2008-6447

HistoryMar 09, 2009 - 2:30 p.m.

CVE-2008-6447

2009-03-0914:30:00

CWE-119

mitre

web.nvd.nist.gov

cve-2008-6447

buffer overflow

emmailstore.dll

quiksoft easymail

mailstore

activex control

remote code execution

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

8.1

Confidence

Low

EPSS

0.292

Percentile

96.9%

JSON

Buffer overflow in emmailstore.dll 6.5.0.3 in the QuikSoft EasyMail MailStore ActiveX control allows remote attackers to execute arbitrary code via a long first argument to the CreateStore method.

Affected configurations

Nvd

Node

quiksofteasymail_mailstore_objectMatch6.5.0.3

VendorProductVersionCPE
quiksofteasymail_mailstore_object6.5.0.3cpe:2.3:a:quiksoft:easymail_mailstore_object:6.5.0.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
quiksoft	easymail_mailstore_object	6.5.0.3	cpe:2.3:a:quiksoft:easymail_mailstore_object:6.5.0.3:::::::*

References

www.securityfocus.com/bid/32722

exchange.xforce.ibmcloud.com/vulnerabilities/47207

www.exploit-db.com/exploits/7402

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

8.1

Confidence

Low

EPSS

0.292

Percentile

96.9%

JSON

Related for CVE-2008-6447