Eureka Email POP3 Error Stack Buffer Overflow

Added: 02/16/2010
CVE: CVE-2009-3837
OSVDB: 59262

Background

Eureka Email is an e-mail client with built-in junk e-mail filtering.

Problem

A malicious POP3 mail server can send a long error message to the Eureka Email client, causing a stack buffer overflow.

Resolution

Upgrade when a fix becomes available or use a different e-mail client.

References

http://secunia.com/advisories/37132/

Limitations

Exploit works on Eureka Email 2.2q and the user must use Eureka Email to contact the exploit server using the POP protocol.

Platforms

Windows

Back to exploit index