Unrated severityNVD Advisory· Published Apr 4, 2006· Updated Apr 16, 2026

CVE-2006-0559

Description

Format string vulnerability in the SMTP server for McAfee WebShield 4.5 MR2 and earlier allows remote attackers to execute arbitrary code via format strings in the domain name portion of a destination address, which are not properly handled when a bounce message is constructed.

Affected products

McAfee/Webshield SMTP
cpe:2.3:a:mcafee:webshield_smtp:*:mr2_patch:*:*:*:*:*:*
Range: <=4.5

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/19491nvdPatchVendor Advisory
www.securityfocus.com/bid/16742nvdPatch
securityreason.com/securityalert/671nvd
securitytracker.com/idnvd
www.osvdb.org/24366nvd
www.securityfocus.com/archive/1/429812/100/0/threadednvd
www.vupen.com/english/advisories/2006/1219nvd
exchange.xforce.ibmcloud.com/vulnerabilities/25621nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.016
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000