Intrusion Prevention

EasyMail.AddAttachment.ActiveX.Memory.Corruption

Description

This indicates an attack attempt against a Buffer Overflow vulnerability in the EasyMail ActiveX control in emsmtp.dll.
The vulnerability, which is located in the "emsmtp.dll" ActiveX control, can be exploited through misuse of a vulnerable method. An attacker can exploit this by tricking an unsuspecting user into visiting a malicious webpage and execute arbitrary code within the context of the application.

Affected Products

EasyMail 6 is vulnerable; other versions may also be affected.

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Currently we are unaware of any officially supplied patch for this issue.

CVE References

CVE-2009-4663