Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2025-42599
Analyzed
Known KEV
More InfoOfficial Page
Source-vultures@jpcert.or.jp
View Known Exploited Vulnerability (KEV) details
Published At-18 Apr, 2025 | 04:15
Updated At-29 Apr, 2025 | 19:46

Active! mail 6 BuildInfo: 6.60.05008561 and earlier contains a stack-based buffer overflow vulnerability. Receiving a specially crafted request created and sent by a remote unauthenticated attacker may lead to arbitrary code execution and/or a denial-of-service (DoS) condition.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
2025-04-282025-05-19Qualitia Active! Mail Stack-Based Buffer Overflow VulnerabilityApply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Metrics
TypeVersionBase scoreBase severityVector
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Secondary3.09.8CRITICAL
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CPE Matches
qualitia
qualitia
>>active\!_mail>>Versions before 6.60.05008562(exclusive)
cpe:2.3:a:qualitia:active\!_mail:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-121Primaryvultures@jpcert.or.jp
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://jvn.jp/en/jp/JVN22348866/vultures@jpcert.or.jp
Third Party Advisory
https://www.qualitia.com/jp/news/2025/04/18_1030.htmlvultures@jpcert.or.jp
Vendor Advisory
Change History
0Changes found
Details not found