EasyMail IMAP4 ActiveX Control LicenseKey buffer overflow

Added: 11/16/2009
OSVDB: 59938

Background

QuikSoft EasyMail Objects is a set of ActiveX controls which provide e-mail functionality. QuikSoft EasyMail Objects is included with Oracle Document Capture among other products.

Problem

A buffer overflow vulnerability in the EasyMail IMAP4 ActiveX control, emimap4.dll, allows command execution when a user opens a web page which invokes this control with a specially crafted LicenseKey property.

Resolution

Upgrade to EasyMail Objects 6.5 or higher, or set the kill bit for class ID 0CEA3FB1-7F88-4803-AA8E-AD021566955D as described in Microsoft Knowledge Base Article 240797.

References

http://secunia.com/advisories/37269/
http://secunia.com/advisories/24199/

Limitations

The exploit works on Oracle Document Capture 10.1.3.5.0 and requires a user to open the exploit page in Internet Explorer 6 or 7.

Platforms

Windows
