EasyMail SMTP ActiveX Control AddAttachment buffer overflow
Added: 12/10/2009
BID: 36440
OSVDB: 59939
Background
QuikSoft EasyMail Objects is a set of ActiveX controls which provide e-mail functionality. QuikSoft EasyMail Objects is included with Oracle Document Capture among other products.
Problem
A stack buffer overflow vulnerability in the EasyMail.SMTP.6 ActiveX control (emsmtp.dll) allows remote command execution when a user opens a specially crafted web page that invokes this control with an overly long argument to the AddAttachment method.
Resolution
Upgrade to EasyMail Objects 6.5 or higher, or set the kill bit for class ID 68AC0D5F-0424-11D5-822F-00C04F6BA8D9 as described in Microsoft Knowledge Base Article 240797.
References
http://secunia.com/advisories/24199/
Limitations
Exploit works on Oracle Document Capture 10.1.3.5.0. The user must open the exploit page using Internet Explorer 6 or 7.
Platforms
Windows