Unrated severityNVD Advisory· Published Feb 23, 2007· Updated Apr 23, 2026

CVE-2006-7038

Description

Multiple buffer overflows in MERCUR Messaging 2005 before Service Pack 4 allow remote attackers to cause a denial of service (crash) via (1) "long command lines at port 32000" and (2) certain name service queries that are not properly handled by the SMTP service.

Affected products

Atrium Software/Mercur Messaging 20053 versions
cpe:2.3:a:atrium_software:mercur_messaging_2005:5.0_sp3:*:enterprise:*:*:*:*:*+ 2 more
- cpe:2.3:a:atrium_software:mercur_messaging_2005:5.0_sp3:*:enterprise:*:*:*:*:*
- cpe:2.3:a:atrium_software:mercur_messaging_2005:5.0_sp3:*:lite:*:*:*:*:*
- cpe:2.3:a:atrium_software:mercur_messaging_2005:5.0_sp3:*:standard:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/20432nvdPatchVendor Advisory
www.securityfocus.com/bid/18462nvdPatch
www.atrium-software.com/download/McrReadMe_EN.htmlnvd
www.vupen.com/english/advisories/2006/2354nvd
exchange.xforce.ibmcloud.com/vulnerabilities/27231nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000