ELM frm Command Remote Buffer Overflow Vulnerability

It has been reported that the ELM e-mail client may be prone to a remote buffer overflow vulnerability. A remote attacker may be able to cause a buffer overrun condition by sending a message with an excessively long header field. Specifically, the issue presents itself when the maliciously crafted message is opened by a user via the 'frm' command.

Successful exploitation of this vulnerability may allow a remote attacker to execute arbitrary code in the context of the user.

Although unconfirmed, ELM versions 2.5.6 and prior may be vulnerable to this issue.
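
A defensive pre-check for the condition described above, as an added example (not part of the original advisory and not ELM code): it scans an mbox mailbox for oversize header fields before the mailbox is passed to a header-listing tool such as 'frm'. The 998-character line limit comes from RFC 5322; the function name, the 8192-byte threshold for an unfolded field and the sample mailbox are assumptions constructed for illustration, since the advisory does not state the affected field or buffer size.

```python
import io

RFC5322_MAX_LINE = 998   # per-line limit from RFC 5322, excluding CRLF
FIELD_LIMIT = 8192       # assumed triage threshold for one unfolded field


def scan_mbox_headers(data, line_limit=RFC5322_MAX_LINE, field_limit=FIELD_LIMIT):
    """Return (message_no, field, longest_line, unfolded_len) per oversize field."""
    findings = []
    msg_no = 0
    in_headers = False
    field = None         # [name, longest physical line, unfolded length]

    def flush():
        # Record the field being tracked if either limit is exceeded.
        if field and (field[1] > line_limit or field[2] > field_limit):
            findings.append((msg_no, field[0], field[1], field[2]))

    for raw in io.BytesIO(data):
        line = raw.rstrip(b"\r\n")
        if line.startswith(b"From "):               # mbox separator: new message
            flush()
            msg_no, in_headers, field = msg_no + 1, True, None
        elif not in_headers:
            continue                                # body line, not a header
        elif line == b"":                           # blank line ends the headers
            flush()
            in_headers, field = False, None
        elif line[:1] in (b" ", b"\t") and field:   # folded continuation line
            field[1] = max(field[1], len(line))
            field[2] += len(line)
        else:                                       # start of a new header field
            flush()
            name = line.split(b":", 1)[0].decode("ascii", "replace")
            field = [name, len(line), len(line)]
    flush()                                         # mailbox may end inside headers
    return findings


# Constructed sample mailbox: message 2 carries a 2000-byte Subject value.
SAMPLE = (
    b"From a@example.org Thu Jan  1 00:00:00 2004\n"
    b"From: a@example.org\nSubject: hello\n\nbody\n"
    b"From b@example.org Thu Jan  1 00:00:01 2004\n"
    b"From: b@example.org\nSubject: " + b"A" * 2000 + b"\n\nbody\n"
)

if __name__ == "__main__":
    for hit in scan_mbox_headers(SAMPLE):
        print("message %d: field %s, longest line %d, unfolded %d bytes" % hit)
```

Messages flagged this way can be quarantined for inspection instead of being listed with an unpatched client.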


 

Copyright 2010, SecurityFocus