Mercury Mail Transport System Concatenated Data Buffer Overflow Vulnerability

Mercury Mail Transport System Concatenated Data Buffer Overflow Vulnerability

Mercury Mail Transport System is prone to a remote buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer.

An attacker may exploit this issue to execute arbitrary machine code in the context of the user running the application. Failed exploit attempts will likely result in denial-of-service conditions.

Version 4.01b is vulnerable; other versions may also be affected.