Detections
Analytics
EasyMail SMTP Object ActiveX Control Multiple Buffer Overflows
high Nessus Plugin ID 26185
Synopsis
The remote Windows host has an ActiveX control that is affected by multiple buffer overflow vulnerabilities.Description
EasyMail Objects, a set of COM objects for supporting email protocols, is installed on the remote Windows host. It may have been bundled with a third-party application, such as Oracle Document Capture, Earthlink internet access software, Borland Caliber RM Client, and FrontRange Heat.The SMTP component of the version of this control installed on the remote host reportedly contains multiple buffer overflows involving the AddAttachment and SubmitToExpress methods that could lead to arbitrary code execution on the affected system. Successful exploitation requires, though, that an attacker trick a user on the affected host into visiting a specially crafted web page.
Solution
Either disable its use from within Internet Explorer by setting its kill bit or remove it completely.See Also
https://www.securityfocus.com/archive/1/526440/30/0/threaded
Plugin Details
Severity: High
ID: 26185
File Name: easymail_objects_smtp_activex_overflows.nasl
Version: 1.22
Type: local
Agent: windows
Family: Windows
Published: 9/25/2007
Updated: 11/15/2018
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: High
Score: 7.4
CVSS v2
Risk Factor: High
Base Score: 9.3
Temporal Score: 7.7
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
Vulnerability Information
Required KB Items: SMB/Registry/Enumerated
Exploit Available: true
Exploit Ease: Exploits are available
Vulnerability Publication Date: 8/28/2007
Exploitable With
Core Impact
Metasploit (Oracle Document Capture 10g ActiveX Control Buffer Overflow)
Reference Information
CVE: CVE-2007-4607, CVE-2009-4663