CVE-2010-20119
BaseFortify
Publication date: 2025-08-21
Last updated on: 2025-08-22
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| communicrypt | 1.16 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a stack-based buffer overflow in CommuniCrypt Mail versions up to 1.16, specifically in the ANSMTP.dll and AOSMTP.dll ActiveX controls within the AddAttachments() method. The method does not properly check the length of input strings, allowing an attacker to provide an overly long string that exceeds the fixed-size stack buffer. This can corrupt adjacent memory, including exception handlers, potentially allowing an attacker to disrupt the program's control flow.
How can this vulnerability impact me? :
The vulnerability can allow an attacker to execute arbitrary code or disrupt the normal operation of the application by corrupting memory and control flow. This could lead to system compromise, data loss, or denial of service if exploited.