CVE-2019-25646— Tabs Mail Carrier 2.5.1 Buffer Overflow via MAIL FROM

Tabs Mail Carrier 2.5.1 Buffer Overflow via MAIL FROM

Tabs Mail Carrier 2.5.1 contains a buffer overflow vulnerability in the MAIL FROM SMTP command that allows remote attackers to execute arbitrary code by sending a crafted MAIL FROM parameter. Attackers can connect to the SMTP service on port 25 and send a malicious MAIL FROM command with an oversized buffer to overwrite the EIP register and execute a bind shell payload.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

跨界内存写

Tabs Mail Carrier 缓冲区错误漏洞

Tabs Mail Carrier是Tabs公司的一款邮件发送与邮件列表管理的电子邮件服务器软件。 Tabs Mail Carrier 2.5.1版本存在缓冲区错误漏洞，该漏洞源于MAIL FROM SMTP命令存在缓冲区溢出，可能导致远程攻击者执行任意代码。

N/A

N/A