Remote Code Execution Vulnerability in DMail by DMail Technologies
CVE-2005-1478

Currently unrated

Key Information:

Vendor

Netwin

Status
Dmail
Vendor
CVE Published:
11 May 2005

What is CVE-2005-1478?

The DMail application, specifically version 3.1a, contains a format string vulnerability in its dSMTP (dsmtp.exe) component. This flaw allows remote attackers to exploit format string specifiers via the 'xtellmail' command, potentially leading to arbitrary code execution. Attackers leveraging this vulnerability can manipulate input in such a way that they cause the program to execute unintended instructions, compromising system security. This vulnerability necessitates immediate attention for users running the affected version to avoid potential exploitation.

References

http://secunia.com/advisories/15242
third-party-advisoryx_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=111531804617905&w=2
mailing-listx_refsource_BUGTRAQ
https://exchange.xforce.ibmcloud.com/vulnerabilities/20414
vdb-entryx_refsource_XF

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.