This module allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing the Mercury Mail Transport System. The vulnerability is caused due to a boundary error within Mercury/32 PH Server Module (mercuryh.dll). This issue is due to a failure of the application to properly bounds check user-supplied data prior to copying it to a fixed size memory buffer. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to the affected command. Authentication is not required to exploit this vulnerability.
This module allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing the Mercury Mail Transport System. The vulnerability is caused due to a boundary error within Mercury/32 IMAPD Server Module (mercuryi.dll). This issue is due to a failure of the application to properly bounds check user-supplied data prior to copying it to a fixed size memory buffer. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to the affected command. Authentication is not required to exploit this vulnerability.
The Raw Message Handler (FORM2RAW.exe) CGI, accessible by default from the WebClient interface, lets unauthenticated users inject mails in the Raw messages queue that can trigger a stack overflow in MDaemon.exe
A successful exploit of a reported security vulnerability could allow an attacker to remotely execute arbitrary code on the ePolicy Orchestrator server. The attack would require network access to the ePolicy Orchestrator server system and reverse engineering of the proprietary communications protocol.
Subscribe to Windows