Buffer overflow

2021-07-0919:15:00

PRIOn knowledge base

www.prio-n.com

8.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

40.5%

JSON

Multiple instances of incorrect calculation of buffer size in the Webmail and Administrative interface of FortiMail before 6.4.5 may allow an authenticated attacker with regular webmail access to trigger a buffer overflow and to possibly execute unauthorized code or commands via specifically crafted HTTP requests.

CPENameOperatorVersion
fortimailge6.4.0
fortimaillt6.4.5
fortimailge6.2.0
fortimaillt6.2.7
fortimaille5.4.12
fortimailge5.6.1
fortimaillt6.0.11

Name	Operator	Version
fortimail	ge	6.4.0
fortimail	lt	6.4.5
fortimail	ge	6.2.0
fortimail	lt	6.2.7
fortimail	le	5.4.12
fortimail	ge	5.6.1
fortimail	lt	6.0.11

References

fortiguard.com/advisory/FG-IR-21-023