CVE-2007-0886
published 2007-02-12CVE-2007-0886: Heap-based buffer underflow in axigen 1.2.6 through 2.0.0b1 allows remote attackers to cause a denial of service (application crash) and possibly execute…
PriorityP348critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
8.68%
94.5th percentile
Heap-based buffer underflow in axigen 1.2.6 through 2.0.0b1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via certain base64-encoded data on the pop3 port (110/tcp), which triggers an integer overflow.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| gecad_technologies | axigen_mail_server | — | — |
| gecad_technologies | axigen_mail_server | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
CWE
Buffer Underwrite ('Buffer Underflow')
mitre_cwe
CWE-124 Buffer Underwrite ('Buffer Underflow')
CWE-124: Buffer Underwrite ('Buffer Underflow')
The product writes to a buffer using an index or pointer that references a memory location prior to the beginning of the buffer.
Modes of Introduction:
Phase: Implementation
Note: This typically occurs when a pointer or its index is decremented to a position before the buffer, when pointer arithmetic results in a position before the beginning of the valid memory location, or when a negative index is used.
Common Consequences:
Scope: Integrity, Availability. Impact: Modify Memory, DoS: Crash, Exit, or Restart. Out of bounds memory access will very likely result in the corruption of relevant memory, and perhaps instructions, possibly leading to a crash.
Scope: Integrity, Confidentiality, Availability, Access Control, Other. Impact: Execute U
CWE
Access of Memory Location Before Start of Buffer
mitre_cwe
CWE-786 Access of Memory Location Before Start of Buffer
CWE-786: Access of Memory Location Before Start of Buffer
The product reads or writes to a buffer using an index or pointer that references a memory location prior to the beginning of the buffer.
This typically occurs when a pointer or its index is decremented to a position before the buffer, when pointer arithmetic results in a position before the beginning of the valid memory location, or when a negative index is used.
Modes of Introduction:
Phase: Implementation
Common Consequences:
Scope: Confidentiality. Impact: Read Memory. For an out-of-bounds read, the attacker may have access to sensitive information. If the sensitive information contains system details, such as the current buffer's position in memory, this knowledge can be used to craft further attacks, possibly with more sev
http://marc.info/?l=full-disclosure&m=117094708423302&w=2http://osvdb.org/38133http://secunia.com/advisories/24073http://www.securityfocus.com/bid/22473https://exchange.xforce.ibmcloud.com/vulnerabilities/32342https://www.exploit-db.com/exploits/3289http://marc.info/?l=full-disclosure&m=117094708423302&w=2http://osvdb.org/38133http://secunia.com/advisories/24073http://www.securityfocus.com/bid/22473https://exchange.xforce.ibmcloud.com/vulnerabilities/32342https://www.exploit-db.com/exploits/3289
2007-02-12
Published