CVE-2005-1903

SPA-PRO Mail @Solomon 4.00 - Authenticated Buffer Overflow via IMAP CREATE Command

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-1903. PoCs published by Jerome Athias.

AI-analyzed exploit summary This is a functional exploit for CVE-2005-1903, targeting a buffer overflow in e-Post SPA-PRO Mail @Solomon SPA-IMAP4S 4.01. It binds a shell on port 2001 by sending a crafted IMAP command with embedded shellcode.

Description

Buffer overflow in the IMAP service for SPA-PRO Mail @Solomon 4.00 allows remote authenticated users to execute arbitrary code via a long CREATE command.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Jerome Athias · c++remotewindows

https://www.exploit-db.com/exploits/1026

View Code ZIP pw:eip

This is a functional exploit for CVE-2005-1903, targeting a buffer overflow in e-Post SPA-PRO Mail @Solomon SPA-IMAP4S 4.01. It binds a shell on port 2001 by sending a crafted IMAP command with embedded shellcode.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: e-Post SPA-PRO Mail @Solomon SPA-IMAP4S 4.01

Auth required

Prerequisites: Valid IMAP credentials · Network access to the IMAP service (port 143) · Japanese Windows 2000 SP4 target (due to hardcoded return address)

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →