9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.685 Medium
EPSS
Percentile
98.0%
Added: 02/16/2010
CVE: CVE-2009-3837
OSVDB: 59262
Eureka Email is an e-mail client with built-in junk e-mail filtering.
A malicious POP3 mail server can send a long error message to the Eureka Email client, causing a stack buffer overflow.
Upgrade when a fix becomes available or use a different e-mail client.
<http://secunia.com/advisories/37132/>
Exploit works on Eureka Email 2.2q and the user must use Eureka Email to contact the exploit server using the POP protocol.
Windows