CyberSec.Space Logo
Back to CVE Browser

CVE-2005-1478

HIGH
7.5
CVSS Severity Score
EPSS Score0.0610%
EPSS Percentile6.94th
PublishedMay 11, 2005
Last ModifiedApr 16, 2026

Vulnerability Description

Format string vulnerability in dSMTP (dsmtp.exe) in DMail 3.1a allows remote attackers to execute arbitrary code via format string specifiers in the xtellmail command.

Affected Platforms (CPE)

πŸ“¦
Netwin

Dmail

= 3.1a
πŸ“¦
Netwin

Dmail

= 3.1b

References & Advisories

πŸ”— http://marc.info/?l=bugtraq&m=111531804617905&w=2
πŸ”— http://secunia.com/advisories/15242
πŸ”— http://securitytracker.com/id?1013885
πŸ”— http://www.security.org.sg/vuln/dmail31a.html
πŸ”— http://www.securityfocus.com/bid/13505
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/20414
πŸ”— http://marc.info/?l=bugtraq&m=111531804617905&w=2
πŸ”— http://secunia.com/advisories/15242

Related Vulnerabilities

CVE-2000-049010.0

Buffer overflow in the NetWin DSMTP 2.7q in the NetWin dmail package allows remote attackers to execute arbitrary commands via a l...

CVE-2001-135510.0

Buffer overflows in NetWin Authentication Module (NWAuth) 3.0b and earlier, as implemented in DMail, SurgeFTP, and possibly other ...

CVE-2008-500510.0

Multiple stack-based buffer overflows in (1) University of Washington IMAP Toolkit 2002 through 2007c, (2) University of Washingto...

CVE-2005-15167.5

DList (dlist.exe) in DMail 3.1a allows remote attackers to bypass authentication, read log files, and shutdown the system via a se...