CVE-2017-6506 in Data Expert Ultimateinfo

Summary

In Azure Data Expert Ultimate 2.2.16, the SMTP verification function suffers from a buffer overflow vulnerability, leading to remote code execution. The attack vector is a crafted SMTP daemon that sends a long 220 (aka "Service ready") string.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

03/06/2017

Disclosure

03/10/2017

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-119

Exploit

Download

CVSS

8.0

EPSS

0.21599

CTI

0.00

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-6506
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-6506
CVE Details	https://www.cvedetails.com/cve/CVE-2017-6506/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!