XCmail Overflow

HIGH (10.0) No Patch (9728 days)

Threat Intelligence

⚠️ CRITICAL GAP - Exploits exist but no detection available
EPSS Score: 9.20% chance of exploitation (percentile: 92%)
🔍 Detection Tools: None available in major open-source tools
⚔️ Exploit Availability: Exploit-DB


What is it?

XCmail is an email client that allows users to compose and send emails. A buffer overflow in XCmail 0.99.6 with autoquote enabled allows remote attackers to execute arbitrary commands via a long subject line.

Am I affected?

You're affected if you use XCmail version 0.99.6 with autoquote enabled. To check on a Unix-like system, run grep "autoquote" /etc/xcmailrc (system-wide configuration) or grep "autoquote" ~/.xcmailrc (per-user configuration); a matching line shows whether the setting is present, and a line reading autoquote=0 means it is disabled.

If you don't recognize XCmail as an email client, you're probably not affected.

Version info: Not specified in the advisory.

Affected Products

Vendor: none (XCmail is no longer actively maintained) / Product: XCmail

How to fix

  1. Upgrade to XCmail version 0.99.7 or later.
  2. If upgrading isn't possible immediately, disable autoquote by adding autoquote=0 to your email client configuration file (e.g., /etc/xcmailrc on Unix-like systems).
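The check and the workaround above, combined into one script as an added example (not part of the advisory and not XCmail's own tooling). It assumes that xcmailrc holds one key=value setting per line, that "#" starts a comment, and that the last occurrence of a key wins; the advisory only shows the form autoquote=0, so the rest of the file format is an assumption here, and the advisory does not state what XCmail does when the setting is absent.

```shell
#!/bin/sh
# Added example, not from the advisory: report whether an XCmail configuration
# file enables autoquote (the condition the subject-line overflow requires) and
# apply the advisory's workaround of appending "autoquote=0".
# Assumptions: "key=value" lines, "#" comments, last occurrence of a key wins.

# Print the effective value of "autoquote" in the given file (empty if unset
# or if the file cannot be read).
xcmail_autoquote_value() {
    grep -v '^[[:space:]]*#' "$1" 2>/dev/null \
        | grep -i '^[[:space:]]*autoquote[[:space:]]*=' \
        | tail -n 1 \
        | cut -d= -f2- \
        | tr -d '[:space:]'
}

# Exit 0 when autoquote is explicitly enabled: present and not "0".
# Only "0" is treated as disabled, since that is the form the advisory gives.
xcmail_autoquote_enabled() {
    v=$(xcmail_autoquote_value "$1")
    [ -n "$v" ] && [ "$v" != "0" ]
}

# Workaround from the advisory: append autoquote=0 so the setting is disabled
# (only touches the file when autoquote is currently enabled).
xcmail_disable_autoquote() {
    if xcmail_autoquote_enabled "$1"; then
        printf 'autoquote=0\n' >> "$1"
    fi
}

# Print one status line per configuration file; always returns 0 so it is
# safe to call from scripts running under "set -e".
xcmail_report() {
    for f in "$@"; do
        v=$(xcmail_autoquote_value "$f")
        if [ ! -r "$f" ]; then
            echo "$f: not found"
        elif [ -z "$v" ]; then
            echo "$f: autoquote not set (default not stated in the advisory)"
        elif [ "$v" = "0" ]; then
            echo "$f: autoquote disabled"
        else
            echo "$f: autoquote=$v (enabled) - affected if this is XCmail 0.99.6"
        fi
    done
    return 0
}

# The two locations named in the advisory for Unix-like systems.
xcmail_report /etc/xcmailrc "${HOME:-}/.xcmailrc"
```

Run the script as-is to get a status line for the system-wide and per-user files; call xcmail_disable_autoquote on a file (with write permission to it) to apply the workaround. Because "absent" is reported separately from "disabled", a file that never mentions autoquote is not silently treated as safe.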