CVE-2004-2719

Foxmail 5.0.300 - Buffer Overflow via Long From Field in Mail Message

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-2719. PoCs published by xfocus.

AI-analyzed exploit summary This exploit targets a stack buffer overflow in Foxmail 5.0's PunyLib.dll via a maliciously crafted email. It leverages shellcode to execute arbitrary commands, specifically using WinExec() to download and run a trojan via TFTP.

Description

Buffer overflow in the UrlToLocal function in PunyLib.dll of Foxmail 5.0.300 allows remote attackers to execute arbitrary code via a mail message with a long From field, a different issue than CVE-2005-0339.

Exploits (1)

exploitdb WORKING POC VERIFIED
by xfocus · cremotewindows
https://www.exploit-db.com/exploits/164

This exploit targets a stack buffer overflow in Foxmail 5.0's PunyLib.dll via a maliciously crafted email. It leverages shellcode to execute arbitrary commands, specifically using WinExec() to download and run a trojan via TFTP.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Foxmail 5.0.300.0 and 5.0.210 BETA2
No auth needed
Prerequisites: SMTP server without authentication · TFTP server hosting a trojan · Victim using vulnerable Foxmail version
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/15640
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/9954
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/164
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/11231

Scores

EPSS 0.0696
EPSS Percentile 93.3%

Details

CWE
CWE-119
Status published
Products (1)
foxmail/foxmail 5.0.300
Published Dec 31, 2004
Tracked Since Feb 18, 2026