Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Stack-based buffer overflow in the IceWarpServer.APIObject ActiveX control in api.dll in IceWarp Merak Mail Server 9.4.1 might allow context-dependent attackers to execute arbitrary code via a large value in the second argument to the Base64FileEncode method, as possibly demonstrated by a web application that accepts untrusted input for this method.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IceWarp Merak邮件服务器Base64FileEncode()函数栈溢出漏洞
Vulnerability Description
Merak Email Server是一个全面的办公室局域网或Internet通讯邮件解决方案。 Merak邮件服务器的api.dll库没有正确地验证对Base64FileEncode()函数所传送的第二个参数,如果远程攻击者向icewarp_apiobjectcall()函数的最后一个参数提交了超长输入的话,就可以触发栈溢出,导致执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A