CVE-2007-1578

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1040%

EPSS Percentile13.49th

PublishedMar 21, 2007

Last ModifiedApr 23, 2026

Vulnerability Description

Multiple integer signedness errors in the NTLM implementation in Atrium MERCUR IMAPD (mcrimap4.exe) 5.00.14, with SP4, allow remote attackers to execute arbitrary code via a long NTLMSSP argument that triggers a stack-based buffer overflow.

Affected Platforms (CPE)

📦

Atrium Software

Mercur Imapd

= 5.00.14

References & Advisories

🔗 http://archives.neohapsis.com/archives/fulldisclosure/2007-03/0280.html

🔗 http://secunia.com/advisories/24596

🔗 http://securitytracker.com/id?1017798

🔗 http://www.digit-labs.org/files/exploits/mercur-v1.pl

🔗 http://www.osvdb.org/33545

🔗 http://www.securityfocus.com/bid/23058

🔗 http://www.vupen.com/english/advisories/2007/1053

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/33120

Vulnerability Description

Affected Platforms (CPE)

Mercur Imapd

References & Advisories

Related Vulnerabilities