CyberSec.Space Logo
Back to CVE Browser

CVE-2004-2375

HIGH
7.5
CVSS Severity Score
EPSS Score0.1760%
EPSS Percentile15.69th
PublishedDec 31, 2004
Last ModifiedApr 16, 2026

Vulnerability Description

Buffer overflow in the POP3 server in 1st Class Mail Server 4.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an APOP USER command with a long second parameter (digest).

Affected Platforms (CPE)

πŸ“¦
1st Class Internet Solutions

1st Class Mail Server

= 4.0

References & Advisories

πŸ”— http://secunia.com/advisories/11029
πŸ”— http://securitytracker.com/id?1009279
πŸ”— http://www.digiti.be/jeffosz/advisories/1stclasspop3.txt
πŸ”— http://www.osvdb.org/4129
πŸ”— http://www.securityfocus.com/bid/9794
πŸ”— http://www.zone-h.org/advisories/read/id=4047
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/15314
πŸ”— http://secunia.com/advisories/11029

Related Vulnerabilities

CVE-2004-24465.0

Directory traversal vulnerability in 1st Class Mail Server 4.01 allows remote attackers to read arbitrary files via a ".." (dot do...

CVE-2004-24474.3

Cross-site scripting (XSS) vulnerability in 1st Class Mail Server 4.01 allows remote attackers to inject arbitrary web script or H...

CVE-2004-041810.0

serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow ...

CVE-2004-090410.0

Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird...