CVE-2007-1578

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1040%

EPSS Percentile13.49th

Published2007年3月21日

Last Modified2026年4月23日

Vulnerability Description

Multiple integer signedness errors in the NTLM implementation in Atrium MERCUR IMAPD (mcrimap4.exe) 5.00.14, with SP4, allow remote attackers to execute arbitrary code via a long NTLMSSP argument that triggers a stack-based buffer overflow.

Affected Platforms (CPE)

📦

Atrium Software

Mercur Imapd

= 5.00.14

References & Advisories

🔗 http://archives.neohapsis.com/archives/fulldisclosure/2007-03/0280.html

🔗 http://secunia.com/advisories/24596

🔗 http://securitytracker.com/id?1017798

🔗 http://www.digit-labs.org/files/exploits/mercur-v1.pl

🔗 http://www.osvdb.org/33545

🔗 http://www.securityfocus.com/bid/23058

🔗 http://www.vupen.com/english/advisories/2007/1053

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/33120

Vulnerability Description

Affected Platforms (CPE)

Mercur Imapd

References & Advisories

関連する脆弱性情報