BID:22583

EasyMail Objects Connect Method Remote Stack Buffer Overflow Vulnerability

Info

EasyMail Objects Connect Method Remote Stack Buffer Overflow Vulnerability

Bugtraq ID:	22583
Class:	Boundary Condition Error
CVE:	CVE-2007-1029
Remote:	Yes
Local:	No
Published:	Feb 02 2007 12:00AM
Updated:	Jul 28 2010 07:25PM
Credit:	Paul Craig of Security-Assessment.com is credited with the discovery of this issue.
Vulnerable:	Quiksoft EasyMail Objects 6.4 Quiksoft EasyMail Objects 6.3 Quiksoft EasyMail Objects 6.2 Quiksoft EasyMail Objects 6.1 Quiksoft EasyMail Objects 6.0 Giant Company Spam Inspector 4.0.354

Not Vulnerable:	Quiksoft EasyMail Objects 6.5

Discussion

EasyMail Objects Connect Method Remote Stack Buffer Overflow Vulnerability

EasyMail Objects is prone to a remote stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data prior to copying it to an insufficiently sized buffer.

An attacker can leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.

Versions prior to EasyMail Objects 6.5 are vulnerable.
Spam Inspector 4.0.354 is vulnerable.

Exploit / POC

EasyMail Objects Connect Method Remote Stack Buffer Overflow Vulnerability

The following exploit is available:

/data/vulnerabilities/exploits/22583.html

Solution / Fix

EasyMail Objects Connect Method Remote Stack Buffer Overflow Vulnerability

Solution:
The vendor has released EasyMail 6.5 to address this issue. Please see the references for details.

Quiksoft EasyMail Objects 6.2

Quiksoft emsetup.exe
http://www.quiksoft.com/download/emsetup.exe

Quiksoft EasyMail Objects 6.0

Quiksoft emsetup.exe
http://www.quiksoft.com/download/emsetup.exe

Quiksoft EasyMail Objects 6.3

Quiksoft emsetup.exe
http://www.quiksoft.com/download/emsetup.exe

Quiksoft EasyMail Objects 6.1

Quiksoft emsetup.exe
http://www.quiksoft.com/download/emsetup.exe

Quiksoft EasyMail Objects 6.4

Quiksoft emsetup.exe
http://www.quiksoft.com/download/emsetup.exe

References

EasyMail Objects Connect Method Remote Stack Buffer Overflow Vulnerability

References:

Quiksoft Homepage (Quiksoft)
EasyMail Objects v6.5 Connect Method Stack Overflow (Paul Craig)
Quiksoft EasyMail 6.0.3.0 imap connect() ActiveX stack overflow exploit (Sebastian Wolfgarten )
Security advisory: Quiksoft EasyMail 6.0.3.0 imap connect() ActiveX stack overf (Sebastian Wolfgarten)