Vulnerability Description
Buffer overflow in the EasyMailSMTPObj ActiveX control in emsmtp.dll 6.0.1 in the Quiksoft EasyMail SMTP Object, as used in Postcast Server Pro 3.0.61 and other products, allows remote attackers to execute arbitrary code via a long argument to the SubmitToExpress method, a different vulnerability than CVE-2007-1029. NOTE: this may have been fixed in version 6.0.3.15.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Gate Comm Software | Postcast Server Pro | 3.0.61 |
| Quicksoft | Easymail Objects | All versions |
Related Weaknesses (CWE)
References
- http://archives.neohapsis.com/archives/bugtraq/2013-04/0220.html
- http://osvdb.org/38335
- http://retrogod.altervista.org/postcast-emsmtp_bof.html
- http://secunia.com/advisories/24199
- http://secunia.com/advisories/26639
- http://www.kb.cert.org/vuls/id/281977US Government Resource
- http://www.securityfocus.com/bid/25467Exploit
- https://community.ivanti.com/docs/DOC-50988
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36307
- https://www.exploit-db.com/exploits/4328
- http://archives.neohapsis.com/archives/bugtraq/2013-04/0220.html
- http://osvdb.org/38335
- http://retrogod.altervista.org/postcast-emsmtp_bof.html
- http://secunia.com/advisories/24199
- http://secunia.com/advisories/26639
FAQ
What is CVE-2007-4607?
CVE-2007-4607 is a vulnerability with a CVSS score of 9.3 (HIGH). Buffer overflow in the EasyMailSMTPObj ActiveX control in emsmtp.dll 6.0.1 in the Quiksoft EasyMail SMTP Object, as used in Postcast Server Pro 3.0.61 and other products, allows remote attackers to ex...
How severe is CVE-2007-4607?
CVE-2007-4607 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-4607?
Check the references section above for vendor advisories and patch information. Affected products include: Gate Comm Software Postcast Server Pro, Quicksoft Easymail Objects.