CyberSec.Space Logo
CVEブラウザに戻る

CVE-2006-0559

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0890%
EPSS Percentile33.94th
Published2006年4月4日
Last Modified2026年4月16日

Vulnerability Description

Format string vulnerability in the SMTP server for McAfee WebShield 4.5 MR2 and earlier allows remote attackers to execute arbitrary code via format strings in the domain name portion of a destination address, which are not properly handled when a bounce message is constructed.

Affected Platforms (CPE)

📦
Mcafee

Webshield Smtp

<= 4.5

References & Advisories

🔗 http://secunia.com/advisories/19491
🔗 http://securityreason.com/securityalert/671
🔗 http://securitytracker.com/id?1015861
🔗 http://www.osvdb.org/24366
🔗 http://www.securityfocus.com/archive/1/429812/100/0/threaded
🔗 http://www.securityfocus.com/bid/16742
🔗 http://www.vupen.com/english/advisories/2006/1219
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/25621

関連する脆弱性情報

CVE-2012-40147.8

Unspecified vulnerability in McAfee Email Anti-virus (formerly WebShield SMTP) allows remote attackers to cause a denial of servic...

CVE-2000-11307.5

McAfee WebShield SMTP 4.5 allows remote attackers to bypass email content filtering rules by including Extended ASCII characters i...

CVE-2000-04477.5

Buffer overflow in WebShield SMTP 4.5.44 allows remote attackers to execute arbitrary commands via a long configuration parameter ...

CVE-2001-15427.5

NAI WebShield SMTP 4.5 and possibly 4.5 MR1a does not filter improperly MIME encoded email attachments, which could allow remote a...

CVE-2006-0559 Detail & Impact Analysis | CVSS 10.0 (CRITICAL) | Cyber-Sec.Space | Cyber-Sec.Space