ID:4098 - Exploit for Buffer overflow in IncrediMail - CVE-2010-5289

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:4098 - Exploit for Buffer overflow in IncrediMail - CVE-2010-5289

ID:4098 - Exploit for Buffer overflow in IncrediMail - CVE-2010-5289

Published: August 11, 2020


Vulnerability identifier: #VU42631
Vulnerability risk: Medium
CVE-ID: CVE-2010-5289
CWE-ID: CWE-119
Exploitation vector: Remote access
Vulnerable software:
IncrediMail

Link to public exploit:


Vulnerability description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Buffer overflow in the Authenticate method in the INCREDISPOOLERLib.Pop ActiveX control in ImSpoolU.dll in IncrediMail 2.0 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long string in the first argument.


Remediation

Install update from vendor's website.