CVE-2003-1382
ISMail <= 1.4.3 - Remote Code Execution via Long Domain Name in MAIL FROM or RCPT TO Fields
Title source: llmDescription
Buffer overflow in ISMail 1.4.3 and earlier allow remote attackers to execute arbitrary code via long domain names in (1) MAIL FROM or (2) RCPT TO fields.
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/11432
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/3254
Patch mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/313363
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/6972
Scores
EPSS
0.0290
EPSS Percentile
85.4%
Details
CWE
CWE-119
Status
published
Products (1)
instantservers_inc./ismail
1.4.3
Published
Dec 31, 2003
Tracked Since
Feb 18, 2026