This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing the Mercury Mail Transport System. The vulnerability is caused due to a boundary error within Mercury/32 SMTP Server Module (mercurys.dll) when processing arguments to the AUTH CRAM-MD5 command. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to the affected command. Authentication is not required to exploit this vulnerability.
CVE Link
Exploit Type - Old
Exploits/Remote
Exploit Platform
Product Name