CVE-2008-6922

Name of the Vulnerable Software and Affected Versions: CMailServer version 5.4.6

Description: The issue is caused by multiple stack-based buffer overflows in CMailCOM.dll, allowing remote attackers to execute arbitrary code via long arguments to various methods. These methods include CreateUserPath, Logout, DeleteMailByUID, MoveToInbox, MoveToFolder, DeleteMailEx, GetMailDataEx, SetReplySign, SetForwardSign, and SetReadSign in the POP3 Class ActiveX control, as well as AddAttach, SetSubject, SetBcc, SetBody, SetCc, SetFrom, SetTo, and SetFromUID in the SMTP Class ActiveX control. The indexOfMail parameter to mwmail.asp is also vulnerable.

Recommendations: For CMailServer version 5.4.6, consider disabling the vulnerable methods in the POP3 Class ActiveX control and the SMTP Class ActiveX control until a patch is available. Restrict access to the CMailCOM.dll to minimize the risk of exploitation. Avoid using long arguments to the affected methods. At the moment, there is no information about a newer version that contains a fix for this vulnerability.