CVE-2003-1177
Published Dec 31, 2003
Last updated 7 years ago
Overview
- Description
- Buffer overflow in the base64 decoder in MERCUR Mailserver 4.2 before SP3a allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long (1) AUTH command to the POP3 server or (2) AUTHENTICATE command to the IMAP server.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:atrium_software:mercur_mailserver:3.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "21F437B6-9274-4C7C-B6BD-9FE20A079217"
},
{
"criteria": "cpe:2.3:a:atrium_software:mercur_mailserver:3.3_sp1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AB018B5C-EBBC-40A7-B4F4-C0009242702B"
},
{
"criteria": "cpe:2.3:a:atrium_software:mercur_mailserver:3.3_sp2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3C13D4A1-D667-417A-9251-B305CF38041D"
},
{
"criteria": "cpe:2.3:a:atrium_software:mercur_mailserver:4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4B14E71D-E284-460C-820C-7655B6E41CBA"
},
{
"criteria": "cpe:2.3:a:atrium_software:mercur_mailserver:4.1_sp1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E1D553E2-0B9F-4C9E-8EA6-AE423183A72A"
},
{
"criteria": "cpe:2.3:a:atrium_software:mercur_mailserver:4.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A7A18F82-D66B-4C58-A1A5-17D139905717"
},
{
"criteria": "cpe:2.3:a:atrium_software:mercur_mailserver:4.2_sp1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "53FA2662-6059-41C5-9118-471DFE53C782"
},
{
"criteria": "cpe:2.3:a:atrium_software:mercur_mailserver:4.2_sp2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A3A973DC-17DE-458A-B598-8618589F68A0"
}
],
"operator": "OR"
}
]
}
]