1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP Quiksoft Easymail AX BO

HTTP Quiksoft Easymail AX BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects an attempt to exploit a remote buffer overflow vulnerability in Quiksoft Easymail application.

Additional Information

Quiksoft EasyMail is an application that provides email sending/receiving for ActiveX applications.

EasyMail is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. The vulnerability affects the 'AddAttachment()' method of the ActiveX control identified by CLSID: 68AC0D5F-0424-11D5-822F-00C04F6BA8D9.

An attacker can exploit this issue by enticing an unsuspecting user to view a malicious HTML page.

Successful exploits allow remote attackers to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts will likely result in denial-of-service conditions.

EasyMail 6 is vulnerable; other versions may also be affected.

Response

Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.

Additional References

  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube