CNNVD-202508-2568 Information

Aug 21, 2025 cve

CNNVD ID

CNNVD-202508-2568

CVE-2010-20119

CNNVD Published: 2025-08-21

Description (Chinese)

CommuniCrypt Mail是CommuniCrypt公司的一款加密邮件客户端。 CommuniCrypt Mail 1.16及之前版本存在安全漏洞，该漏洞源于ANSMTP.dll和AOSMTP.dll ActiveX控件中AddAttachments方法未验证输入长度，可能导致栈缓冲区溢出。

Description (English)

CompuniCrypt Mail is an encrypted mail client of CommuniCrypt. There is a security loophole in CommuniCrypt Mail 1.16 and earlier versions, which stems from the failure to verify the length of the AddAttachments method in ANSMTP.dll and AOSMTP.dll ActiveX controls, which may result in spilling over the fence.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

CommuniCrypt

Published

2025-08-21

Last Modified

2026-02-24

References

https://www.vulncheck.com/advisories/communicrypt-mail-activex-control-buffer-overflow https://www.fortiguard.com/encyclopedia/ips/23099 https://www.exploit-db.com/exploits/12663 https://www.broadcom.com/support/security-center/attacksignatures/detail?asid=24374 https://softwarelode.com/4185/details-communicrypt-mail.html https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/browser/communicrypt_mail_activex.rb https://nvd.nist.gov/vuln/detail/CVE-2010-20119

Share on: