Vulnerability Details CVE-2004-0356
Stack-based buffer overflow in Supervisor Report Center in SL Mail Pro 2.0.9 and earlier allows remote attackers to execute arbitrary code via an HTTP request with a long HTTP sub-version.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.076
EPSS Ranking 91.4%
CVSS Severity
CVSS v2 Score 10.0
References
- http://216.26.170.92/Download/webfiles/Patches/SLMPPatch-2.0.14.pdf
- http://marc.info/?l=bugtraq&m=107850488326232&w=2
- http://www.nextgenss.com/advisories/slmailsrc.txt
- http://www.securityfocus.com/bid/9809
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15398
- http://216.26.170.92/Download/webfiles/Patches/SLMPPatch-2.0.14.pdf
- http://marc.info/?l=bugtraq&m=107850488326232&w=2
- http://www.nextgenss.com/advisories/slmailsrc.txt
- http://www.securityfocus.com/bid/9809
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15398
Products affected by CVE-2004-0356
-
cpe:2.3:a:seattle_lab_software:slmail_pro:2.0
-
cpe:2.3:a:seattle_lab_software:slmail_pro:2.0.1
-
cpe:2.3:a:seattle_lab_software:slmail_pro:2.0.2
-
cpe:2.3:a:seattle_lab_software:slmail_pro:2.0.3
-
cpe:2.3:a:seattle_lab_software:slmail_pro:2.0.4
-
cpe:2.3:a:seattle_lab_software:slmail_pro:2.0.5
-
cpe:2.3:a:seattle_lab_software:slmail_pro:2.0.6
-
cpe:2.3:a:seattle_lab_software:slmail_pro:2.0.7
-
cpe:2.3:a:seattle_lab_software:slmail_pro:2.0.8
-
cpe:2.3:a:seattle_lab_software:slmail_pro:2.0.9