A remote overflow exists in CMailServer. The CMailServer uses an unsafe sprintf call resulting in a buffer overflow when handling an overly long filename in urlOfAttach. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.
Upgrade to version 5.2.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.