Vulnerability Description
Buffer overflow in cram.dll in QUALCOMM Eudora WorldMail 3.0 allows remote attackers to execute arbitrary code via an IMAP APPEND command with a long message literal argument, as demonstrated by Worldmail.pl. NOTE: this is a different vector and a different manipulation than CVE-2005-4267, so it might be a different vulnerability than CVE-2005-4267.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Eudora Worldmail | 3.0 |
References
- http://www.securityfocus.com/archive/1/424157/100/0/threaded
- http://www.securityfocus.com/archive/1/424157/100/0/threaded
FAQ
What is CVE-2006-0637?
CVE-2006-0637 is a vulnerability with a CVSS score of 7.5 (HIGH). Buffer overflow in cram.dll in QUALCOMM Eudora WorldMail 3.0 allows remote attackers to execute arbitrary code via an IMAP APPEND command with a long message literal argument, as demonstrated by World...
How severe is CVE-2006-0637?
CVE-2006-0637 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-0637?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Eudora Worldmail.