1 results (0.001 seconds)
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2007-3796
https://notcve.org/view.php?id=CVE-2007-3796
17 Jul 2007 — The password reset feature in the Spam Quarantine HTTP interface for MailMarshal SMTP 6.2.0.x before 6.2.1 allows remote attackers to modify arbitrary account information via a UserId variable with a large amount of trailing whitespace followed by a malicious value, which triggers SQL buffer truncation due to length inconsistencies between variables. La característica de reinicio de la contraseña en el interface Spam Quarantine HTTP para SMTP 6.2.0.x anterior 6.2.1 permite a atacantes remotos modificar cuen... • http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064676.html •