CVE-2003-1382

ISMail <= 1.4.3 - Remote Code Execution via Long Domain Name in MAIL FROM or RCPT TO Fields

Title source: llm
STIX 2.1

Description

Buffer overflow in ISMail 1.4.3 and earlier allow remote attackers to execute arbitrary code via long domain names in (1) MAIL FROM or (2) RCPT TO fields.

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/11432
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/3254
Patch mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/313363
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/6972

Scores

EPSS 0.0290
EPSS Percentile 85.4%

Details

CWE
CWE-119
Status published
Products (1)
instantservers_inc./ismail 1.4.3
Published Dec 31, 2003
Tracked Since Feb 18, 2026