EasyMail SMTP Object ActiveX Control Multiple Buffer Overflows
High Nessus Plugin ID 26185
SynopsisThe remote Windows host has an ActiveX control that is affected by multiple buffer overflow vulnerabilities.
DescriptionEasyMail Objects, a set of COM objects for supporting email protocols, is installed on the remote Windows host. It may have been bundled with a third-party application, such as Oracle Document Capture, Earthlink internet access software, Borland Caliber RM Client, and FrontRange Heat.
The SMTP component of the version of this control installed on the remote host reportedly contains multiple buffer overflows involving the AddAttachment and SubmitToExpress methods that could lead to arbitrary code execution on the affected system. Successful exploitation requires, though, that an attacker trick a user on the affected host into visiting a specially crafted web page.
SolutionEither disable its use from within Internet Explorer by setting its kill bit or remove it completely.