CVE-2005-0560

Heap-based buffer overflow in the SvrAppendReceivedChunk function in xlsasink.dll in the SMTP service of Exchange Server 2000 and 2003 allows remote attackers to execute arbitrary code via a crafted X-LINK2STATE extended verb request to the SMTP port.

Date published : 2005-04-13

http://marc.info/?l=bugtraq&m=111393947713420&w=2

http://www.us-cert.gov/cas/techalerts/TA05-102A.html