Multiple stack-based buffer overflows in Atrium MERCUR IMAPD in MERCUR Mailserver before 4.2.15.0 allow remote attackers to execute arbitrary code via a long (1) EXAMINE, (2) DELETE, (3) SUBSCRIBE, (4) RENAME, (5) UNSUBSCRIBE, (6) LIST, (7) LSUB, (8) STATUS, (9) LOGIN, (10) CREATE, or (11) SELECT command.

BID:7842 | URL:http://www.securityfocus.com/bid/7842 | BUGTRAQ:20030606 Multiple Buffer Overflow Vulnerabilities Found in MERCUR Mail server v.4.2 (SP2) - IMAP protocol | URL:http://www.securityfocus.com/archive/1/324136 | XF:mercur-multiple-bo(12203) | URL:http://www.iss.net/security_center/static/12203.php