Intervations MailCOPA Subject Parameter Remote Buffer Overflow Vulnerability
BID:23767
Info
| Bugtraq ID: | 23767 |
| Class: | Boundary Condition Error |
| CVE: | CVE-2007-2505 |
| Remote: | Yes |
| Local: | No |
| Published: | May 02 2007 12:00AM |
| Updated: | May 07 2015 05:39PM |
| Credit: | skillTube.com is credited with discovering this issue. |
| Vulnerable: | Intervations MailCOPA 8.01 |
| Not Vulnerable: | |
Discussion
MailCOPA is prone to a buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer.
An attacker may exploit this issue by enticing victims into opening a malicious email link.
Successful exploits may allow attackers to execute arbitrary code in the context of the application. Failed attempts may cause denial-of-service conditions.
Exploit / POC
Attackers may exploit this issue by enticing victims into opening a malicious link.
Solution / Fix
Solution:
Reports indicate that a vendor fix is available to address this issue. Symantec has not confirmed this. Please contact the vendor for information on obtaining and applying fixes.
References
References:
- Vulnerability in InterVations' MailCopa (skillTube.com)
- MailCOPA (Intervations)