Buffer overflow in Internet Mail Connector (IMC) for Microsoft Exchange Server 5.5 allows remote attackers to execute arbitrary code via an EHLO request from a system with a long name as obtained through a reverse DNS lookup, which triggers the overflow in IMC's hello response.
References
Link | Resource |
---|---|
http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=20759 | Broken Link |
http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ326322 | |
http://www.iss.net/security_center/static/9658.php | Broken Link |
http://www.securityfocus.com/bid/5306 | Third Party Advisory VDB Entry |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-037 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2002-08-12 04:00
Updated : 2024-02-04 16:31
NVD link : CVE-2002-0698
Mitre link : CVE-2002-0698
CVE.ORG link : CVE-2002-0698
JSON object : View
Products Affected
microsoft
- exchange_server
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')