CVE-2005-4267

Qualcomm Worldmail - Memory Corruption

Title source: rule

Description

Stack-based buffer overflow in Qualcomm WorldMail 3.0 allows remote attackers to execute arbitrary code via a long IMAP command that ends with a "}" character, as demonstrated using long (1) LIST, (2) LSUB, (3) SEARCH TEXT, (4) STATUS INBOX, (5) AUTHENTICATE, (6) FETCH, (7) SELECT, and (8) COPY commands.

Exploits (3)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/16474

View Code ZIP pw:eip

metasploit WORKING POC GREAT

by MC, jduck · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/imap/eudora_list.rb

View Code ZIP pw:eip

exploitdb WORKING POC

pythonremotewindows

https://www.exploit-db.com/exploits/1380

View on exploitdb

References (7)

[Exploit, Vendor Advisory] http://seclists.org/lists/fulldisclosure/2005/Dec/1037.html

[Vendor Advisory] http://secunia.com/advisories/17640

[Vendor Advisory] http://www.idefense.com/intelligence/vulnerabilities/display.php?id=359

[Exploit] http://www.securityfocus.com/bid/15980

[Vendor Advisory] http://www.vupen.com/english/advisories/2005/3005

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1015391

[Third Party Advisory] http://securityreason.com/securityalert/277

Scores

EPSS 0.7579

EPSS Percentile 98.9%

Classification

CWE

CWE-119

Status draft

Affected Products (1)

qualcomm/worldmail

Timeline

Published Dec 21, 2005

Tracked Since Feb 18, 2026