Buffer Overflow Vulnerability in GFI MailSecurity by GFI Software
CVE-2005-3182

Currently unrated

Key Information:

Vendor: Gfi
Status: Mailsecurity
Vendor: CVE Published:; 20 October 2005

What is CVE-2005-3182?

A buffer overflow vulnerability exists in the HTTP management interface of GFI MailSecurity 8.1, which permits remote attackers to execute arbitrary code. This exploit typically occurs through the manipulation of long HTTP headers, particularly the Host and Accept fields. The vendor has indicated that this issue may stem from an underlying Microsoft technology, suggesting potential implications for other products as well. Organizations using GFI MailSecurity should apply necessary patches and safeguards to protect against possible exploitation of this vulnerability.

References

http://securitytracker.com/id?1015046

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/15081

vdb-entryx_refsource_BID

http://securityreason.com/securityalert/74

third-party-advisoryx_refsource_SREASON

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 20, 2005
Vulnerability Reserved
Oct 12, 2005

Gfi

What is CVE-2005-3182?

References

EPSS Score

Timeline