Mercury.Mail.Transport.System.Buffer.Overflow
Description
This indicates an attack attempt against a buffer-overflow vulnerability in Mercury Mail.
The vulnerability is caused by the application's inability to properly sanitize user-supplied input before the vulnerable application copies it to an insufficient memory buffer. It may allow a remote attacker to execute arbitrary code with SYSTEM privileges.
Affected Products
David Harris Mercury (win32 version) 4.0 1b
David Harris Mercury (win32 version) 4.0 1a
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
The vendor has released a patch to address this issue.
David Harris Mercury (win32 version) 4.0 1b
ftp://ftp.usm.maine.edu/pegasus/mercury32/m4-whfix.zip
David Harris Mercury (win32 version) 4.0 1a
ftp://ftp.usm.maine.edu/pegasus/mercury32/m4-whfix.zip
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2022-03-30 | 20.285 | Sig Added |