CVE-2006-1255
Mercur Messaging 5.0 SP3 - Buffer Overflow
Title source: llmDescription
Stack-based buffer overflow in the IMAP service in Mercur Messaging 5.0 SP3 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string to the (1) LOGIN or (2) SELECT command, a different set of attack vectors and possibly a different vulnerability than CVE-2003-1177.
Exploits (8)
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16476
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16481
exploitdb
WORKING POC
VERIFIED
by muts · pythonremotewindows
https://www.exploit-db.com/exploits/3540
exploitdb
WORKING POC
VERIFIED
by Jacopo Cervini · perlremotewindows
https://www.exploit-db.com/exploits/3133
exploitdb
WORKING POC
VERIFIED
by Jacopo Cervini · perlremotewindows
https://www.exploit-db.com/exploits/2345
metasploit
WORKING POC
NORMAL
rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/imap/mercur_imap_select_overflow.rb
metasploit
WORKING POC
NORMAL
by MC · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/imap/mercur_login.rb
References (7)
Scores
EPSS
0.8652
EPSS Percentile
99.4%
Details
Status
published
Products (1)
mercur/mercur_messaging
< 2005_5.0_sp3
Published
Mar 19, 2006
Tracked Since
Feb 18, 2026