Search criteria
1 vulnerability by gate_comm_software
CVE-2007-4607 (GCVE-0-2007-4607)
Vulnerability from cvelistv5 – Published: 2007-08-31 00:00 – Updated: 2024-08-07 15:01
VLAI?
Summary
Buffer overflow in the EasyMailSMTPObj ActiveX control in emsmtp.dll 6.0.1 in the Quiksoft EasyMail SMTP Object, as used in Postcast Server Pro 3.0.61 and other products, allows remote attackers to execute arbitrary code via a long argument to the SubmitToExpress method, a different vulnerability than CVE-2007-1029. NOTE: this may have been fixed in version 6.0.3.15.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:01:09.731Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "25467",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25467"
},
{
"name": "VU#281977",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/281977"
},
{
"name": "24199",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24199"
},
{
"name": "26639",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26639"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://retrogod.altervista.org/postcast-emsmtp_bof.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.ivanti.com/docs/DOC-50988"
},
{
"name": "38335",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/38335"
},
{
"name": "easymail-submittoexpress-bo(36307)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36307"
},
{
"name": "4328",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/4328"
},
{
"name": "20130424 Borland Caliber 11.0 Quiksoft EasyMail SMTP Object Buffer Overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-04/0220.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the EasyMailSMTPObj ActiveX control in emsmtp.dll 6.0.1 in the Quiksoft EasyMail SMTP Object, as used in Postcast Server Pro 3.0.61 and other products, allows remote attackers to execute arbitrary code via a long argument to the SubmitToExpress method, a different vulnerability than CVE-2007-1029. NOTE: this may have been fixed in version 6.0.3.15."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-28T16:57:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "25467",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25467"
},
{
"name": "VU#281977",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/281977"
},
{
"name": "24199",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24199"
},
{
"name": "26639",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26639"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://retrogod.altervista.org/postcast-emsmtp_bof.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.ivanti.com/docs/DOC-50988"
},
{
"name": "38335",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/38335"
},
{
"name": "easymail-submittoexpress-bo(36307)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36307"
},
{
"name": "4328",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/4328"
},
{
"name": "20130424 Borland Caliber 11.0 Quiksoft EasyMail SMTP Object Buffer Overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-04/0220.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4607",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the EasyMailSMTPObj ActiveX control in emsmtp.dll 6.0.1 in the Quiksoft EasyMail SMTP Object, as used in Postcast Server Pro 3.0.61 and other products, allows remote attackers to execute arbitrary code via a long argument to the SubmitToExpress method, a different vulnerability than CVE-2007-1029. NOTE: this may have been fixed in version 6.0.3.15."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25467",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25467"
},
{
"name": "VU#281977",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/281977"
},
{
"name": "24199",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24199"
},
{
"name": "26639",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26639"
},
{
"name": "http://retrogod.altervista.org/postcast-emsmtp_bof.html",
"refsource": "MISC",
"url": "http://retrogod.altervista.org/postcast-emsmtp_bof.html"
},
{
"name": "https://community.ivanti.com/docs/DOC-50988",
"refsource": "MISC",
"url": "https://community.ivanti.com/docs/DOC-50988"
},
{
"name": "38335",
"refsource": "OSVDB",
"url": "http://osvdb.org/38335"
},
{
"name": "easymail-submittoexpress-bo(36307)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36307"
},
{
"name": "4328",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4328"
},
{
"name": "20130424 Borland Caliber 11.0 Quiksoft EasyMail SMTP Object Buffer Overflows",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-04/0220.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4607",
"datePublished": "2007-08-31T00:00:00",
"dateReserved": "2007-08-30T00:00:00",
"dateUpdated": "2024-08-07T15:01:09.731Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}