Critical stack-based buffer overflow in Active! mail 6 email server allows remote unauthenticated code execution. This vulnerability is actively exploited in the wild and listed in CISA KEV catalog.
Data Source: CIRCL
Confidence: HIGH
Exploitation Method: DIRECT_NETWORK
CVE Published: 2025-04-18
Added to CISA KEV: 2025-04-28 10 DAYS BETWEEN CVE AND KEV
CVE-2025-42599 is a critical stack-based buffer overflow vulnerability affecting Active! mail 6 (BuildInfo 6.60.05008561 and earlier), a product developed by QUALITIA CO., LTD. [1] [2]
Contains a stack-based buffer overflow vulnerability. Receiving a specially crafted request created and sent by a remote unauthenticated attacker may lead to ... CVE-2025-42599 is a critical stack-based buffer overflow vulnerability in Active! mail 6 BuildInfo: 6.60.05008561 and earlier. It may allo…
Active! mail provided by QUALITIA CO., LTD. contains a stack-based buffer overflow vulnerability (CWE-121). The developer states that attacks exploiting the ...
For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat.
Description: Active! mail 6.60.05008561 and earlier contains a stack-based buffer overflow caused by processing specially crafted requests, ...
Hunter (@HunterMapping). Alert CVE-2025-42599 : An Active! Mail Zero-Day Remote Code Execution https://t.co/0vAibFLG89 affects Active!…
*CVE-2025-42599* is a newly identified stack-based buffer overflow vulnerability directly impacting Active! mail 6, specifically versions with BuildInfo 6.60.05008561 and older. This flaw allows remote, unauthenticated attackers to execute arbitrary code or trigger a denial-of-service (DoS) simply b…
This PR adds a detection template for CVE-2025-42599 affecting Active! Mail Server versions ≤ 6.60.05008561. The vulnerability is a stack-based ...