CVE-2003-1192

IA WebMail Server 3.1.0 - Stack-Based Buffer Overflow via Long GET Request

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 4 public exploits for CVE-2003-1192. PoCs published by Metasploit, Peter Winter-Smith, hdm, including Metasploit module exploits/windows/http/ia_webmail.

AI-analyzed exploit summary This is a Metasploit module exploiting a stack buffer overflow in IA WebMail 3.x via a crafted HTTP request. It sends a long string followed by a return address and shellcode to achieve remote code execution.

Description

Stack-based buffer overflow in IA WebMail Server 3.1.0 allows remote attackers to execute arbitrary code via a long GET request.

Exploits (4)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16767

This is a Metasploit module exploiting a stack buffer overflow in IA WebMail 3.x via a crafted HTTP request. It sends a long string followed by a return address and shellcode to achieve remote code execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Theoretical
Target: IA WebMail 3.x
No auth needed
Prerequisites: Network access to the IA WebMail server · IA WebMail 3.x running on a vulnerable system
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Peter Winter-Smith · perlremotewindows
https://www.exploit-db.com/exploits/124

This exploit targets a buffer overflow vulnerability in IA WebMail 3.x (iaregdll.dll version 1.0.0.5) to achieve remote code execution. It uses a crafted GET request with shellcode that downloads and executes a payload from a remote URL.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: IA WebMail 3.x (iaregdll.dll version 1.0.0.5)
No auth needed
Prerequisites: Network access to the target server · IA WebMail 3.x with vulnerable iaregdll.dll
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Peter Winter-Smith · perlremotewindows
https://www.exploit-db.com/exploits/23334

This exploit targets a buffer overflow vulnerability in IA WebMail Server via a crafted GET request. It attempts to execute arbitrary shellcode by overwriting the EIP register with a specific address.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Theoretical
Target: IA WebMail Server
No auth needed
Prerequisites: Network access to the target server · IA WebMail Server running on port 8180
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC NORMAL
by hdm · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/ia_webmail.rb

This Metasploit module exploits a stack buffer overflow in IA WebMail 3.x by sending a crafted HTTP request with a long string followed by a return address and shellcode. The vulnerability allows remote code execution due to improper bounds checking.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Theoretical
Target: IA WebMail 3.x
No auth needed
Prerequisites: Network access to the IA WebMail server · IA WebMail 3.x running on a vulnerable system
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (8)

Core 8
Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/8965
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/13580
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1008075
Various Sources x_refsource_misc
http://www.elitehaven.net/iawebmail.txt
Vendor Advisory vdb-entry x_refsource_osvdb
http://www.osvdb.org/2757
Exploit mailing-list x_refsource_vulnwatch
http://www.derkeiler.com/Mailing-Lists/VulnWatch/2003-11/0001.html
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/10107

Scores

EPSS 0.6917
EPSS Percentile 99.3%

Details

Status published
Products (2)
truenorth_software/ia_webmail_server 3.0
truenorth_software/ia_webmail_server 3.1
Published Nov 03, 2003
Tracked Since Feb 18, 2026