EasyMail SMTP Object ActiveX Control Multiple Buffer Overflows

High Nessus Plugin ID 26185


The remote Windows host has an ActiveX control that is affected by multiple buffer overflow vulnerabilities.


EasyMail Objects, a set of COM objects for supporting email protocols, is installed on the remote Windows host. It may have been bundled with a third-party application, such as Oracle Document Capture, Earthlink internet access software, Borland Caliber RM Client, and FrontRange Heat.

The SMTP component of the version of this control installed on the remote host reportedly contains multiple buffer overflows involving the AddAttachment and SubmitToExpress methods that could lead to arbitrary code execution on the affected system. Successful exploitation requires, though, that an attacker trick a user on the affected host into visiting a specially crafted web page.


Either disable its use from within Internet Explorer by setting its kill bit or remove it completely.

See Also


Plugin Details

Severity: High

ID: 26185

File Name: easymail_objects_smtp_activex_overflows.nasl

Version: $Revision: 1.20 $

Type: local

Agent: windows

Family: Windows

Published: 2007/09/25

Modified: 2015/10/08

Dependencies: 13855

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 8.4

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:W/RC:ND

Vulnerability Information

Required KB Items: SMB/Registry/Enumerated

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2007/08/28

Exploitable With

Core Impact

Metasploit (Oracle Document Capture 10g ActiveX Control Buffer Overflow)

Reference Information

CVE: CVE-2007-4607, CVE-2009-4663

BID: 25467, 36440

OSVDB: 38335, 59939

CERT: 281977

EDB-ID: 4328, 9705

CWE: 119