Vulnerability Details CVE-2007-6302
Multiple heap-based buffer overflows in avirus.exe in Novell NetMail 3.5.2 before Messaging Architects M+NetMail 3.52f (aka 3.5.2F) allows remote attackers to execute arbitrary code via unspecified ASCII integers used as memory allocation arguments, aka "ZDI-CAN-162."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.135
EPSS Ranking 94.0%
CVSS Severity
CVSS v2 Score 6.8
References
- http://secunia.com/advisories/27974
- http://www.messagingarchitects.com/en/support/mplusnetmail/docs/readme.pdf
- http://www.securityfocus.com/archive/1/484843/100/0/threaded
- http://www.securityfocus.com/bid/26753
- http://www.securitytracker.com/id?1019063
- http://www.vupen.com/english/advisories/2007/4112
- http://www.zerodayinitiative.com/advisories/ZDI-07-072.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38909
- https://secure-support.novell.com/KanisaPlatform/Publishing/990/3639135_f.SAL_Public.html
- http://secunia.com/advisories/27974
- http://www.messagingarchitects.com/en/support/mplusnetmail/docs/readme.pdf
- http://www.securityfocus.com/archive/1/484843/100/0/threaded
- http://www.securityfocus.com/bid/26753
- http://www.securitytracker.com/id?1019063
- http://www.vupen.com/english/advisories/2007/4112
- http://www.zerodayinitiative.com/advisories/ZDI-07-072.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38909
- https://secure-support.novell.com/KanisaPlatform/Publishing/990/3639135_f.SAL_Public.html