CVE-2019-11395
MailCarrier 2.51 TOP Buffer Overflow
Time Line
Published
2024-03-19
Updated
2024-03-19
Firt exploit
2024-03-19
Overview
Descriptions (2)
NVD, NVD
CWE (1)
CWE-787: Out-of-bounds Write
CAPEC (-)
Risk
CVSS Score
9.8 Critical
SSVC
-
KEV
-
EPSS
20.2%
Affected Products (-)
Vendors (1)
tabslab
Products (1)
mailcarrier
Versions (1)
2.51
Intel Resources (5)
Advisories (-)
-
Exploits (5)
PacketStorm
Plugins (-)
-
References (17)
General (-)
Exploits & POcs (17)
packetstorm, github ...
Patches (-)
Advisories (-)
Summary
Descriptions
A buffer overflow in MailCarrier 2.51 allows remote attackers to execute arbitrary code via a long string, as demonstrated by SMTP RCPT TO, POP3 USER, POP3 LIST, POP3 TOP, or POP3 RETR.
Un desbordamiento de búfer en MailCarrier versión 2.51 permite a los atacantes remotos ejecutar código arbitrario mediante una cadena larga, como es demostrado por SMTP RCPT TO, POP3 USER, POP3 LIST, POP3 TOP o POP3 RETR.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2019-04-13 CVE Published
- 2019-04-13 First Exploit
- 2019-04-21 CVE Reserved
- 2024-08-04 CVE Updated
- 2025-02-03 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-787: Out-of-bounds Write
CAPEC
Threat Intelligence Resources (5)
| Select | Title | Date |
|---|
Security Advisory details:
Select an advisory to view details here.
| Select | Title | Date |
|---|---|---|
| MailCarrier 2.51 TOP Buffer Overflow | 2019-04-14 | |
| MailCarrier 2.51 LIST Buffer Overflow | 2019-04-14 | |
| MailCarrier 2.51 RCPT TO Buffer Overflow | 2019-04-13 | |
| MailCarrier 2.51 USER Buffer Overflow | 2019-04-14 | |
| MailCarrier 2.51 RETR Buffer Overflow | 2019-04-16 |
Select an exploit to view details here.
References (17)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Tabslab Search vendor "Tabslab" | Mailcarrier Search vendor "Tabslab" for product "Mailcarrier" | 2.51 Search vendor "Tabslab" for product "Mailcarrier" and version "2.51" | - |
Affected
| ||||||