CVE-2018-25223 in Crashmail
摘要 (英语)
Crashmail 1.6 contains a stack-based buffer overflow vulnerability that allows remote attackers to execute arbitrary code by sending malicious input to the application. Attackers can craft payloads with ROP chains to achieve code execution in the application context, with failed attempts potentially causing denial of service.
负责
VulnCheck
预定
2026-03-28
披露
2026-03-28
条目
| 已发布 | 基础 | 临时 | 漏洞 | CWE | 产品 | 可利用 | 对策 | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 2026-03-28 | 8.5 | 8.2 | Crashmail 内存损坏 | 787 | 未知 | 概念验证 | 未定义 | 0.00180 | 0.97 | CVE-2018-25223 |