New Search

SMTP Memory Allocation Vulnerability

oval:org.mitre.oval:def:12175

The SMTP component in Microsoft Windows 2000 SP4 XP SP2 and SP3 Server 2003 SP2 and Server 2008 Gold SP2 and R2 and Exchange Server 2000 SP3 does not properly allocate memory for SMTP command replies which allows remote attackers to read fragments of e-mail messages by sending a series of invalid commands and then sending a STARTTLS command aka "SMTP Memory Allocation Vulnerability."

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows Server 2008
  • Microsoft Windows Server 2003
  • Microsoft Windows 2000
  • Microsoft Windows Server 2008 R2
  • Microsoft Windows XP
Class:
vulnerability
Reference(s):
  • CVE-2010-0025
Product(s):
  • Microsoft Exchange Server 2000
  • SMTP