Buffer Overflow Vulnerability in Azure Data Expert Ultimate 2.2.16 SMTP Verification Function

CVE-2017-6506 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

In Azure Data Expert Ultimate 2.2.16, the SMTP verification function suffers from a buffer overflow vulnerability, leading to remote code execution. The attack vector is a crafted SMTP daemon that sends a long 220 (aka "Service ready") string.

Learn more about our Azure Audit.