Foxmail USER Command Multiple Remote Vulnerabilities

info
discussion
exploit
solution
references

Foxmail USER Command Multiple Remote Vulnerabilities

An exploit for the buffer overflow vulnerability was provided. A proof of concept for the heap overflow is available as well. A proof of concept for the format string issue has also be released.

/data/vulnerabilities/exploits/foxmail_poc.py
/data/vulnerabilities/exploits/foxmail_bof.c
/data/vulnerabilities/exploits/foxmailFormatStringVulnPoC.c