Unrated severityNVD Advisory· Published Oct 20, 2005· Updated Apr 16, 2026

CVE-2005-3182

Description

Buffer overflow in the HTTP management interface for GFI MailSecurity 8.1 allows remote attackers to execute arbitrary code via long headers such as (1) Host and (2) Accept in HTTP requests. NOTE: the vendor suggests that this issues is "in an underlying Microsoft technology" which, if true, could mean that the overflow affects other products as well.

Affected products

Gfi/Mailsecurity
cpe:2.3:a:gfi:mailsecurity:8.1:*:exchange_smtp:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

kbase.gfi.com/showarticle.aspnvdPatch
secunia.com/advisories/17136/nvdPatchVendor Advisory
www.securityfocus.com/bid/15081nvdPatch
archives.neohapsis.com/archives/fulldisclosure/2005-10/0290.htmlnvd
marc.infonvd
securityreason.com/securityalert/74nvd
securitytracker.com/idnvd
www.osvdb.org/19926nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.005
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000