CVE-2004-2719

Foxmail - Memory Corruption

Title source: rule

Description

Buffer overflow in the UrlToLocal function in PunyLib.dll of Foxmail 5.0.300 allows remote attackers to execute arbitrary code via a mail message with a long From field, a different issue than CVE-2005-0339.

Exploits (1)

exploitdb WORKING POC VERIFIED

by xfocus · cremotewindows

https://www.exploit-db.com/exploits/164

View Code ZIP pw:eip

References (4)

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/15640

[Exploit] http://www.securityfocus.com/bid/9954

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/164

[Patch, Vendor Advisory] http://secunia.com/advisories/11231

Scores

EPSS 0.2011

EPSS Percentile 95.5%

Details

CWE

CWE-119

Status published

Products (1)

foxmail/foxmail 5.0.300

Published Dec 31, 2004

Tracked Since Feb 18, 2026