CVE-2007-3796

CVE-2007-3796 · HIGH Severity

AV:N/AC:H/AU:N/C:C/I:C/A:C

The password reset feature in the Spam Quarantine HTTP interface for MailMarshal SMTP 6.2.0.x before 6.2.1 allows remote attackers to modify arbitrary account information via a UserId variable with a large amount of trailing whitespace followed by a malicious value, which triggers SQL buffer truncation due to length inconsistencies between variables.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.