CVE-2009-1029

Poppeeper Pop Peeper < 3.4.0.0 - Memory Corruption

Title source: rule

Description

Stack-based buffer overflow in POP Peeper 3.4.0.0 and earlier allows remote POP3 servers to execute arbitrary code via a long Date header, related to Imap.dll.

Exploits (5)

metasploit WORKING POC NORMAL

by MC · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/misc/poppeeper_uidl.rb

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/16441

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/16458

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Jeremy Brown · perlremotewindows

https://www.exploit-db.com/exploits/8203

View Code ZIP pw:eip

metasploit WORKING POC NORMAL

by MC · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/misc/poppeeper_date.rb

View Code ZIP pw:eip

References (6)

[Vendor Advisory] http://secunia.com/advisories/34077

[Various Sources] http://www.krakowlabs.com/res/adv/KL0309ADV-poppeeper_date-bof.txt

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/49215

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/501701/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/34093

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/8203

Scores

EPSS 0.7196

EPSS Percentile 98.7%

Classification

CWE

CWE-119

Status draft

Affected Products (4)

poppeeper/pop_peeper < 3.4.0.0

poppeeper/pop_peeper

Timeline

Published Mar 20, 2009

Tracked Since Feb 18, 2026