Eudora Mail Imap Flags Remote Buffer Overflow Vulnerability
BID:24251
Info
Eudora Mail Imap Flags Remote Buffer Overflow Vulnerability
| Bugtraq ID: | 24251 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-3166 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 05 2007 12:00AM |
| Updated: | May 07 2015 05:37PM |
| Credit: | Krystian Kloskowski is credited with the discovery of this vulnerability. |
| Vulnerable: |
Qualcomm Eudora 7.1 |
| Not Vulnerable: | |
Discussion
Eudora Mail Imap Flags Remote Buffer Overflow Vulnerability
Eudora Mail is prone to a remote buffer-overflow vulnerability because the application fails to properly bounds-check user supplied input before copying it into an insufficiently sized memory buffer.
Attackers can exploit this issue by enticing victims into connecting to a maliciously crafted IMAP email server using the vulnerable application.
An attacker may exploit this issue to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will likely result in denial-of-service conditions.
This issue affects Eudora 7.1.
Eudora Mail is prone to a remote buffer-overflow vulnerability because the application fails to properly bounds-check user supplied input before copying it into an insufficiently sized memory buffer.
Attackers can exploit this issue by enticing victims into connecting to a maliciously crafted IMAP email server using the vulnerable application.
An attacker may exploit this issue to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will likely result in denial-of-service conditions.
This issue affects Eudora 7.1.
Exploit / POC
Eudora Mail Imap Flags Remote Buffer Overflow Vulnerability
The following exploit code is available:
The following exploit code is available:
Solution / Fix
Eudora Mail Imap Flags Remote Buffer Overflow Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Eudora Mail Imap Flags Remote Buffer Overflow Vulnerability
References:
References:
- Eudora Product Homepage (Qualcomm)