← back
CVE-2007-4440

CVE-2007-4440

50Vexday Risk Score

Patch soon. It has a working public exploit.

ssvc Attendepss 65%
from disclosure to weapon1 days
Published on NVDAug 21
1st PoC+1d
metasploitAug 18
exploitation probability
65%top 1% of all CVEs
observed exploitation
nono source reports it
3 public exploit(s)
Stack-based buffer overflow in the MercuryS SMTP server in Mercury Mail Transport System, possibly 4.51 and earlier, allows remote attackers to execute arbitrary code via a long AUTH CRAM-MD5 string. NOTE: this might overlap CVE-2006-5961.
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.