Oracle Document Capture EasyMail ActiveX Control Vulnerability
Severity: CRITICAL
CVE Identifier: CVE-2007-4607
Advisory Date: JUL 21, 2015
DESCRIPTION
Buffer overflow in the EasyMailSMTPObj ActiveX control in emsmtp.dll 6.0.1 in the Quiksoft EasyMail SMTP Object, as used in Postcast Server Pro 3.0.61, allows remote attackers to execute arbitrary code via a long argument to the SubmitToExpress method, a different vulnerability than CVE-2007-1029.
TREND MICRO PROTECTION INFORMATION
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1003829
Trend Micro Deep Security DPI Rule Name: 1003829 - Oracle Document Capture EasyMail ActiveX Control Vulnerability
AFFECTED SOFTWARE AND VERSION
- Gate Comm Software Postcast Server Pro 3.0.61
- Quicksoft EasyMail Objects unknown