返回 CVE 瀏覽器

CVE-2006-0559

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0890%

EPSS Percentile33.94th

Published2006年4月4日

Last Modified2026年4月16日

Vulnerability Description

Format string vulnerability in the SMTP server for McAfee WebShield 4.5 MR2 and earlier allows remote attackers to execute arbitrary code via format strings in the domain name portion of a destination address, which are not properly handled when a bounce message is constructed.

Affected Platforms (CPE)

📦

Mcafee

Webshield Smtp

<= 4.5

References & Advisories

🔗 http://secunia.com/advisories/19491

🔗 http://securityreason.com/securityalert/671

🔗 http://securitytracker.com/id?1015861

🔗 http://www.osvdb.org/24366

🔗 http://www.securityfocus.com/archive/1/429812/100/0/threaded

🔗 http://www.securityfocus.com/bid/16742

🔗 http://www.vupen.com/english/advisories/2006/1219

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/25621

相關漏洞威脅

CVE-2012-40147.8

Unspecified vulnerability in McAfee Email Anti-virus (formerly WebShield SMTP) allows remote attackers to cause a denial of servic...

CVE-2000-11307.5

McAfee WebShield SMTP 4.5 allows remote attackers to bypass email content filtering rules by including Extended ASCII characters i...

CVE-2000-04477.5

Buffer overflow in WebShield SMTP 4.5.44 allows remote attackers to execute arbitrary commands via a long configuration parameter ...

CVE-2001-15427.5

NAI WebShield SMTP 4.5 and possibly 4.5 MR1a does not filter improperly MIME encoded email attachments, which could allow remote a...