Search criteria
66 vulnerabilities found for mailenable_professional by mailenable
CVE-2008-1276 (GCVE-0-2008-1276)
Vulnerability from nvd – Published: 2008-03-10 23:00 – Updated: 2024-08-07 08:17
VLAI
Summary
Multiple buffer overflows in the IMAP service (MEIMAPS.EXE) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allow remote authenticated attackers to execute arbitrary code via long arguments to the (1) FETCH, (2) EXAMINE, and (3) UNSUBSCRIBE commands.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/29277 | third-party-advisoryx_refsource_SECUNIA |
| http://aluigi.altervista.org/adv/maildisable-adv.txt | x_refsource_MISC |
| https://www.exploit-db.com/exploits/5249 | exploitx_refsource_EXPLOIT-DB |
| http://www.vupen.com/english/advisories/2008/0799… | vdb-entryx_refsource_VUPEN |
| http://securityreason.com/securityalert/3724 | third-party-advisoryx_refsource_SREASON |
| http://www.securityfocus.com/archive/1/489270/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securitytracker.com/id?1019565 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/28145 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2008-03-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:17:33.548Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "29277",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29277"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/maildisable-adv.txt"
},
{
"name": "5249",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5249"
},
{
"name": "ADV-2008-0799",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0799/references"
},
{
"name": "3724",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3724"
},
{
"name": "20080307 Multiple vulnerabilities in MailEnable Professional/Enterprise 3.13",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/489270/100/0/threaded"
},
{
"name": "1019565",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019565"
},
{
"name": "28145",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28145"
},
{
"name": "mailenable-imapservice-bo(41058)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41058"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the IMAP service (MEIMAPS.EXE) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allow remote authenticated attackers to execute arbitrary code via long arguments to the (1) FETCH, (2) EXAMINE, and (3) UNSUBSCRIBE commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "29277",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29277"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/maildisable-adv.txt"
},
{
"name": "5249",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5249"
},
{
"name": "ADV-2008-0799",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0799/references"
},
{
"name": "3724",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3724"
},
{
"name": "20080307 Multiple vulnerabilities in MailEnable Professional/Enterprise 3.13",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/489270/100/0/threaded"
},
{
"name": "1019565",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019565"
},
{
"name": "28145",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28145"
},
{
"name": "mailenable-imapservice-bo(41058)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41058"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1276",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in the IMAP service (MEIMAPS.EXE) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allow remote authenticated attackers to execute arbitrary code via long arguments to the (1) FETCH, (2) EXAMINE, and (3) UNSUBSCRIBE commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "29277",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29277"
},
{
"name": "http://aluigi.altervista.org/adv/maildisable-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/maildisable-adv.txt"
},
{
"name": "5249",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5249"
},
{
"name": "ADV-2008-0799",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0799/references"
},
{
"name": "3724",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3724"
},
{
"name": "20080307 Multiple vulnerabilities in MailEnable Professional/Enterprise 3.13",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/489270/100/0/threaded"
},
{
"name": "1019565",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019565"
},
{
"name": "28145",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28145"
},
{
"name": "mailenable-imapservice-bo(41058)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41058"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1276",
"datePublished": "2008-03-10T23:00:00.000Z",
"dateReserved": "2008-03-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:17:33.548Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1275 (GCVE-0-2008-1275)
Vulnerability from nvd – Published: 2008-03-10 23:00 – Updated: 2024-08-07 08:17
VLAI
Summary
Multiple unspecified vulnerabilities in the SMTP service in MailEnable Standard Edition 1.x, Professional Edition 3.x and earlier, and Enterprise Edition 3.x and earlier allow remote attackers to cause a denial of service (crash) via crafted (1) EXPN or (2) VRFY commands.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/5235 | exploitx_refsource_EXPLOIT-DB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/28154 | vdb-entryx_refsource_BID |
| http://www.mailenable.com/hotfix/ | x_refsource_CONFIRM |
| http://www.vupen.com/english/advisories/2008/0800… | vdb-entryx_refsource_VUPEN |
| http://secunia.com/advisories/29300 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2008-03-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:17:34.526Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "5235",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5235"
},
{
"name": "mailenable-expn-vrfy-dos(41083)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41083"
},
{
"name": "28154",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28154"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "ADV-2008-0800",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0800/references"
},
{
"name": "29300",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29300"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the SMTP service in MailEnable Standard Edition 1.x, Professional Edition 3.x and earlier, and Enterprise Edition 3.x and earlier allow remote attackers to cause a denial of service (crash) via crafted (1) EXPN or (2) VRFY commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "5235",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5235"
},
{
"name": "mailenable-expn-vrfy-dos(41083)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41083"
},
{
"name": "28154",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28154"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "ADV-2008-0800",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0800/references"
},
{
"name": "29300",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29300"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1275",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in the SMTP service in MailEnable Standard Edition 1.x, Professional Edition 3.x and earlier, and Enterprise Edition 3.x and earlier allow remote attackers to cause a denial of service (crash) via crafted (1) EXPN or (2) VRFY commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "5235",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5235"
},
{
"name": "mailenable-expn-vrfy-dos(41083)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41083"
},
{
"name": "28154",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28154"
},
{
"name": "http://www.mailenable.com/hotfix/",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "ADV-2008-0800",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0800/references"
},
{
"name": "29300",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29300"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1275",
"datePublished": "2008-03-10T23:00:00.000Z",
"dateReserved": "2008-03-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:17:34.526Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1277 (GCVE-0-2008-1277)
Vulnerability from nvd – Published: 2008-03-10 23:00 – Updated: 2024-08-07 08:17
VLAI
Summary
The IMAP service (MEIMAPS.exe) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allows remote attackers to cause a denial of service (crash) via (1) SEARCH and (2) APPEND commands without required arguments, which triggers a NULL pointer dereference.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/29277 | third-party-advisoryx_refsource_SECUNIA |
| http://aluigi.altervista.org/adv/maildisable-adv.txt | x_refsource_MISC |
| http://www.vupen.com/english/advisories/2008/0799… | vdb-entryx_refsource_VUPEN |
| http://securityreason.com/securityalert/3724 | third-party-advisoryx_refsource_SREASON |
| http://www.securityfocus.com/archive/1/489270/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securitytracker.com/id?1019565 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/28145 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2008-03-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:17:34.437Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "29277",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29277"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/maildisable-adv.txt"
},
{
"name": "ADV-2008-0799",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0799/references"
},
{
"name": "3724",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3724"
},
{
"name": "20080307 Multiple vulnerabilities in MailEnable Professional/Enterprise 3.13",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/489270/100/0/threaded"
},
{
"name": "1019565",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019565"
},
{
"name": "28145",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28145"
},
{
"name": "mailenable-imapservice-dos(41059)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41059"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The IMAP service (MEIMAPS.exe) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allows remote attackers to cause a denial of service (crash) via (1) SEARCH and (2) APPEND commands without required arguments, which triggers a NULL pointer dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "29277",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29277"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/maildisable-adv.txt"
},
{
"name": "ADV-2008-0799",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0799/references"
},
{
"name": "3724",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3724"
},
{
"name": "20080307 Multiple vulnerabilities in MailEnable Professional/Enterprise 3.13",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/489270/100/0/threaded"
},
{
"name": "1019565",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019565"
},
{
"name": "28145",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28145"
},
{
"name": "mailenable-imapservice-dos(41059)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41059"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1277",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The IMAP service (MEIMAPS.exe) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allows remote attackers to cause a denial of service (crash) via (1) SEARCH and (2) APPEND commands without required arguments, which triggers a NULL pointer dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "29277",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29277"
},
{
"name": "http://aluigi.altervista.org/adv/maildisable-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/maildisable-adv.txt"
},
{
"name": "ADV-2008-0799",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0799/references"
},
{
"name": "3724",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3724"
},
{
"name": "20080307 Multiple vulnerabilities in MailEnable Professional/Enterprise 3.13",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/489270/100/0/threaded"
},
{
"name": "1019565",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019565"
},
{
"name": "28145",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28145"
},
{
"name": "mailenable-imapservice-dos(41059)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41059"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1277",
"datePublished": "2008-03-10T23:00:00.000Z",
"dateReserved": "2008-03-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:17:34.437Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1301 (GCVE-0-2007-1301)
Vulnerability from nvd – Published: 2007-03-07 00:00 – Updated: 2024-08-07 12:50
VLAI
Summary
Stack-based buffer overflow in the IMAP service in MailEnable Enterprise and Professional Editions 2.37 and earlier allows remote authenticated users to execute arbitrary code via a long argument to the APPEND command. NOTE: this is probably different than CVE-2006-6423.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.vupen.com/english/advisories/2007/0811 | vdb-entryx_refsource_VUPEN |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/24361 | third-party-advisoryx_refsource_SECUNIA |
| http://www.mailenable.com/hotfix/ | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/22792 | vdb-entryx_refsource_BID |
| http://www.securitytracker.com/id?1017739 | vdb-entryx_refsource_SECTRACK |
| https://www.exploit-db.com/exploits/3397 | exploitx_refsource_EXPLOIT-DB |
Date Public
2007-03-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:50:35.259Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-0811",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0811"
},
{
"name": "mailenable-append-bo(32801)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32801"
},
{
"name": "24361",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24361"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "22792",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22792"
},
{
"name": "1017739",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017739"
},
{
"name": "3397",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/3397"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the IMAP service in MailEnable Enterprise and Professional Editions 2.37 and earlier allows remote authenticated users to execute arbitrary code via a long argument to the APPEND command. NOTE: this is probably different than CVE-2006-6423."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-0811",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0811"
},
{
"name": "mailenable-append-bo(32801)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32801"
},
{
"name": "24361",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24361"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "22792",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22792"
},
{
"name": "1017739",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017739"
},
{
"name": "3397",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/3397"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1301",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the IMAP service in MailEnable Enterprise and Professional Editions 2.37 and earlier allows remote authenticated users to execute arbitrary code via a long argument to the APPEND command. NOTE: this is probably different than CVE-2006-6423."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-0811",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0811"
},
{
"name": "mailenable-append-bo(32801)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32801"
},
{
"name": "24361",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24361"
},
{
"name": "http://www.mailenable.com/hotfix/",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "22792",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22792"
},
{
"name": "1017739",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017739"
},
{
"name": "3397",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3397"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1301",
"datePublished": "2007-03-07T00:00:00.000Z",
"dateReserved": "2007-03-06T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:50:35.259Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0651 (GCVE-0-2007-0651)
Vulnerability from nvd – Published: 2007-02-15 23:00 – Updated: 2024-08-07 12:26
VLAI
Summary
Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Professional before 2.37 allow remote attackers to inject arbitrary Javascript script via (1) e-mail messages and (2) the ID parameter to (a) right.asp, (b) Forms/MAI/list.asp, and (c) Forms/VCF/list.asp in mewebmail/base/default/lang/EN/.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
12 references
| URL | Tags |
|---|---|
| http://securityreason.com/securityalert/2258 | third-party-advisoryx_refsource_SREASON |
| http://secunia.com/advisories/23998 | third-party-advisoryx_refsource_SECUNIA |
| http://www.mailenable.com/Professional20-ReleaseN… | x_refsource_CONFIRM |
| http://osvdb.org/33189 | vdb-entryx_refsource_OSVDB |
| http://osvdb.org/33190 | vdb-entryx_refsource_OSVDB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/archive/1/460063/100… | mailing-listx_refsource_BUGTRAQ |
| http://osvdb.org/33188 | vdb-entryx_refsource_OSVDB |
| http://www.vupen.com/english/advisories/2007/0595 | vdb-entryx_refsource_VUPEN |
| http://secunia.com/secunia_research/2007-38/advisory/ | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/22554 | vdb-entryx_refsource_BID |
Date Public
2007-02-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:26:54.317Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "2258",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2258"
},
{
"name": "23998",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23998"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/Professional20-ReleaseNotes.txt"
},
{
"name": "33189",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33189"
},
{
"name": "33190",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33190"
},
{
"name": "mailenable-id-xss(32480)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32480"
},
{
"name": "20070214 Secunia Research: MailEnable Web Mail Client MultipleVulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/460063/100/0/threaded"
},
{
"name": "33188",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33188"
},
{
"name": "ADV-2007-0595",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0595"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2007-38/advisory/"
},
{
"name": "mailenable-email-messages-xss(32476)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32476"
},
{
"name": "22554",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22554"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Professional before 2.37 allow remote attackers to inject arbitrary Javascript script via (1) e-mail messages and (2) the ID parameter to (a) right.asp, (b) Forms/MAI/list.asp, and (c) Forms/VCF/list.asp in mewebmail/base/default/lang/EN/."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "2258",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2258"
},
{
"name": "23998",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23998"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/Professional20-ReleaseNotes.txt"
},
{
"name": "33189",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33189"
},
{
"name": "33190",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33190"
},
{
"name": "mailenable-id-xss(32480)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32480"
},
{
"name": "20070214 Secunia Research: MailEnable Web Mail Client MultipleVulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/460063/100/0/threaded"
},
{
"name": "33188",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33188"
},
{
"name": "ADV-2007-0595",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0595"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2007-38/advisory/"
},
{
"name": "mailenable-email-messages-xss(32476)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32476"
},
{
"name": "22554",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22554"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2007-0651",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Professional before 2.37 allow remote attackers to inject arbitrary Javascript script via (1) e-mail messages and (2) the ID parameter to (a) right.asp, (b) Forms/MAI/list.asp, and (c) Forms/VCF/list.asp in mewebmail/base/default/lang/EN/."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2258",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2258"
},
{
"name": "23998",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23998"
},
{
"name": "http://www.mailenable.com/Professional20-ReleaseNotes.txt",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/Professional20-ReleaseNotes.txt"
},
{
"name": "33189",
"refsource": "OSVDB",
"url": "http://osvdb.org/33189"
},
{
"name": "33190",
"refsource": "OSVDB",
"url": "http://osvdb.org/33190"
},
{
"name": "mailenable-id-xss(32480)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32480"
},
{
"name": "20070214 Secunia Research: MailEnable Web Mail Client MultipleVulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/460063/100/0/threaded"
},
{
"name": "33188",
"refsource": "OSVDB",
"url": "http://osvdb.org/33188"
},
{
"name": "ADV-2007-0595",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0595"
},
{
"name": "http://secunia.com/secunia_research/2007-38/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2007-38/advisory/"
},
{
"name": "mailenable-email-messages-xss(32476)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32476"
},
{
"name": "22554",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22554"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2007-0651",
"datePublished": "2007-02-15T23:00:00.000Z",
"dateReserved": "2007-02-01T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:26:54.317Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0652 (GCVE-0-2007-0652)
Vulnerability from nvd – Published: 2007-02-15 23:00 – Updated: 2024-08-07 12:26
VLAI
Summary
Cross-site request forgery (CSRF) vulnerability in MailEnable Professional before 2.37 allows remote attackers to modify arbitrary configurations and perform unauthorized actions as arbitrary users via a link or IMG tag.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://securityreason.com/securityalert/2258 | third-party-advisoryx_refsource_SREASON |
| http://secunia.com/advisories/23998 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/archive/1/460063/100… | mailing-listx_refsource_BUGTRAQ |
| http://osvdb.org/33191 | vdb-entryx_refsource_OSVDB |
| http://www.vupen.com/english/advisories/2007/0595 | vdb-entryx_refsource_VUPEN |
| http://secunia.com/secunia_research/2007-38/advisory/ | x_refsource_MISC |
| http://www.securityfocus.com/bid/22554 | vdb-entryx_refsource_BID |
Date Public
2007-02-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:26:54.322Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "2258",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2258"
},
{
"name": "23998",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23998"
},
{
"name": "20070214 Secunia Research: MailEnable Web Mail Client MultipleVulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/460063/100/0/threaded"
},
{
"name": "33191",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33191"
},
{
"name": "ADV-2007-0595",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0595"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2007-38/advisory/"
},
{
"name": "22554",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22554"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in MailEnable Professional before 2.37 allows remote attackers to modify arbitrary configurations and perform unauthorized actions as arbitrary users via a link or IMG tag."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "2258",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2258"
},
{
"name": "23998",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23998"
},
{
"name": "20070214 Secunia Research: MailEnable Web Mail Client MultipleVulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/460063/100/0/threaded"
},
{
"name": "33191",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33191"
},
{
"name": "ADV-2007-0595",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0595"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2007-38/advisory/"
},
{
"name": "22554",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22554"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2007-0652",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in MailEnable Professional before 2.37 allows remote attackers to modify arbitrary configurations and perform unauthorized actions as arbitrary users via a link or IMG tag."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2258",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2258"
},
{
"name": "23998",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23998"
},
{
"name": "20070214 Secunia Research: MailEnable Web Mail Client MultipleVulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/460063/100/0/threaded"
},
{
"name": "33191",
"refsource": "OSVDB",
"url": "http://osvdb.org/33191"
},
{
"name": "ADV-2007-0595",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0595"
},
{
"name": "http://secunia.com/secunia_research/2007-38/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2007-38/advisory/"
},
{
"name": "22554",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22554"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2007-0652",
"datePublished": "2007-02-15T23:00:00.000Z",
"dateReserved": "2007-02-01T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:26:54.322Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6964 (GCVE-0-2006-6964)
Vulnerability from nvd – Published: 2007-01-29 16:00 – Updated: 2024-08-07 20:50
VLAI
Summary
MailEnable Professional before 1.78 provides a cleartext user password when an administrator edits the user's settings, which allows remote authenticated administrators to obtain sensitive information by viewing the HTML source.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.mailenable.com/Professional1-ReleaseNo… | x_refsource_CONFIRM |
| http://securitytracker.com/id?1016337 | vdb-entryx_refsource_SECTRACK |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2006-06-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:50:04.616Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/Professional1-ReleaseNotes.txt"
},
{
"name": "1016337",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016337"
},
{
"name": "mailenable-listattachments-pass-disclosure(27185)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27185"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "MailEnable Professional before 1.78 provides a cleartext user password when an administrator edits the user\u0027s settings, which allows remote authenticated administrators to obtain sensitive information by viewing the HTML source."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/Professional1-ReleaseNotes.txt"
},
{
"name": "1016337",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016337"
},
{
"name": "mailenable-listattachments-pass-disclosure(27185)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27185"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6964",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "MailEnable Professional before 1.78 provides a cleartext user password when an administrator edits the user\u0027s settings, which allows remote authenticated administrators to obtain sensitive information by viewing the HTML source."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.mailenable.com/Professional1-ReleaseNotes.txt",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/Professional1-ReleaseNotes.txt"
},
{
"name": "1016337",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016337"
},
{
"name": "mailenable-listattachments-pass-disclosure(27185)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27185"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6964",
"datePublished": "2007-01-29T16:00:00.000Z",
"dateReserved": "2007-01-29T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:50:04.616Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6605 (GCVE-0-2006-6605)
Vulnerability from nvd – Published: 2006-12-19 19:00 – Updated: 2024-08-07 20:33
VLAI
Summary
Stack-based buffer overflow in the POP service in MailEnable Standard 1.98 and earlier; Professional 1.84, and 2.35 and earlier; and Enterprise 1.41, and 2.35 and earlier before ME-10026 allows remote attackers to execute arbitrary code via a long argument to the PASS command.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://securitytracker.com/id?1017395 | vdb-entryx_refsource_SECTRACK |
| http://secunia.com/advisories/23127 | third-party-advisoryx_refsource_SECUNIA |
| http://securityreason.com/securityalert/2053 | third-party-advisoryx_refsource_SREASON |
| http://www.mailenable.com/hotfix/ | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/21645 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/archive/1/454713/100… | mailing-listx_refsource_BUGTRAQ |
| http://secunia.com/secunia_research/2006-75/advisory/ | x_refsource_MISC |
| http://www.vupen.com/english/advisories/2006/5052 | vdb-entryx_refsource_VUPEN |
Date Public
2006-12-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:33:59.771Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017395",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017395"
},
{
"name": "23127",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23127"
},
{
"name": "2053",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2053"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "21645",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21645"
},
{
"name": "20061218 Secunia Research: MailEnable POP Service \"PASS\" Command BufferOverflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/454713/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2006-75/advisory/"
},
{
"name": "ADV-2006-5052",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/5052"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the POP service in MailEnable Standard 1.98 and earlier; Professional 1.84, and 2.35 and earlier; and Enterprise 1.41, and 2.35 and earlier before ME-10026 allows remote attackers to execute arbitrary code via a long argument to the PASS command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "1017395",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017395"
},
{
"name": "23127",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23127"
},
{
"name": "2053",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2053"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "21645",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21645"
},
{
"name": "20061218 Secunia Research: MailEnable POP Service \"PASS\" Command BufferOverflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/454713/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2006-75/advisory/"
},
{
"name": "ADV-2006-5052",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/5052"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2006-6605",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the POP service in MailEnable Standard 1.98 and earlier; Professional 1.84, and 2.35 and earlier; and Enterprise 1.41, and 2.35 and earlier before ME-10026 allows remote attackers to execute arbitrary code via a long argument to the PASS command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017395",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017395"
},
{
"name": "23127",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23127"
},
{
"name": "2053",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2053"
},
{
"name": "http://www.mailenable.com/hotfix/",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "21645",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21645"
},
{
"name": "20061218 Secunia Research: MailEnable POP Service \"PASS\" Command BufferOverflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/454713/100/0/threaded"
},
{
"name": "http://secunia.com/secunia_research/2006-75/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2006-75/advisory/"
},
{
"name": "ADV-2006-5052",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/5052"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2006-6605",
"datePublished": "2006-12-19T19:00:00.000Z",
"dateReserved": "2006-12-17T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:33:59.771Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6484 (GCVE-0-2006-6484)
Vulnerability from nvd – Published: 2006-12-12 20:00 – Updated: 2024-08-07 20:26
VLAI
Summary
The IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.34, Professional Edition 1.6 through 1.83, and Enterprise Edition 1.1 through 1.40 allows remote attackers to cause a denial of service (crash) via unspecified vectors that trigger a null pointer dereference, as addressed by the ME-10023 hotfix, and a different issue than CVE-2006-6423. NOTE: some details were obtained from third party information.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/21493 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/23267 | third-party-advisoryx_refsource_SECUNIA |
| http://www.mailenable.com/hotfix/ | x_refsource_CONFIRM |
Date Public
2006-12-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:26:46.583Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "21493",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21493"
},
{
"name": "mailenable-null-imap-dos(30797)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30797"
},
{
"name": "23267",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23267"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/hotfix/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.34, Professional Edition 1.6 through 1.83, and Enterprise Edition 1.1 through 1.40 allows remote attackers to cause a denial of service (crash) via unspecified vectors that trigger a null pointer dereference, as addressed by the ME-10023 hotfix, and a different issue than CVE-2006-6423. NOTE: some details were obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "21493",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21493"
},
{
"name": "mailenable-null-imap-dos(30797)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30797"
},
{
"name": "23267",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23267"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/hotfix/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6484",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.34, Professional Edition 1.6 through 1.83, and Enterprise Edition 1.1 through 1.40 allows remote attackers to cause a denial of service (crash) via unspecified vectors that trigger a null pointer dereference, as addressed by the ME-10023 hotfix, and a different issue than CVE-2006-6423. NOTE: some details were obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "21493",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21493"
},
{
"name": "mailenable-null-imap-dos(30797)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30797"
},
{
"name": "23267",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23267"
},
{
"name": "http://www.mailenable.com/hotfix/",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/hotfix/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6484",
"datePublished": "2006-12-12T20:00:00.000Z",
"dateReserved": "2006-12-12T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:26:46.583Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6423 (GCVE-0-2006-6423)
Vulnerability from nvd – Published: 2006-12-12 02:00 – Updated: 2024-08-07 20:26
VLAI
Summary
Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.35, Professional Edition 1.6 through 1.84, and Enterprise Edition 1.1 through 1.41 allows remote attackers to execute arbitrary code via a pre-authentication command followed by a crafted parameter and a long string, as addressed by the ME-10025 hotfix.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://secunia.com/secunia_research/2006-73/advisory/ | x_refsource_MISC |
| http://securityreason.com/securityalert/2022 | third-party-advisoryx_refsource_SREASON |
| http://www.securityfocus.com/bid/21492 | vdb-entryx_refsource_BID |
| http://www.mailenable.com/hotfix/ | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/23201 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/archive/1/454075/100… | mailing-listx_refsource_BUGTRAQ |
Date Public
2006-12-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:26:46.508Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2006-73/advisory/"
},
{
"name": "2022",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2022"
},
{
"name": "21492",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21492"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "mailenable-bounds-imap-bo(30796)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30796"
},
{
"name": "23201",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23201"
},
{
"name": "20061211 Secunia Research: MailEnable IMAP Service Buffer OverflowVulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/454075/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.35, Professional Edition 1.6 through 1.84, and Enterprise Edition 1.1 through 1.41 allows remote attackers to execute arbitrary code via a pre-authentication command followed by a crafted parameter and a long string, as addressed by the ME-10025 hotfix."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2006-73/advisory/"
},
{
"name": "2022",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2022"
},
{
"name": "21492",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21492"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "mailenable-bounds-imap-bo(30796)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30796"
},
{
"name": "23201",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23201"
},
{
"name": "20061211 Secunia Research: MailEnable IMAP Service Buffer OverflowVulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/454075/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2006-6423",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.35, Professional Edition 1.6 through 1.84, and Enterprise Edition 1.1 through 1.41 allows remote attackers to execute arbitrary code via a pre-authentication command followed by a crafted parameter and a long string, as addressed by the ME-10025 hotfix."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://secunia.com/secunia_research/2006-73/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2006-73/advisory/"
},
{
"name": "2022",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2022"
},
{
"name": "21492",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21492"
},
{
"name": "http://www.mailenable.com/hotfix/",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "mailenable-bounds-imap-bo(30796)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30796"
},
{
"name": "23201",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23201"
},
{
"name": "20061211 Secunia Research: MailEnable IMAP Service Buffer OverflowVulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/454075/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2006-6423",
"datePublished": "2006-12-12T02:00:00.000Z",
"dateReserved": "2006-12-09T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:26:46.508Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6290 (GCVE-0-2006-6290)
Vulnerability from nvd – Published: 2006-12-05 11:00 – Updated: 2024-08-07 20:19
VLAI
Summary
Multiple stack-based buffer overflows in the IMAP module (MEIMAPS.EXE) in MailEnable Professional 1.6 through 1.82 and 2.0 through 2.33, and MailEnable Enterprise 1.1 through 1.30 and 2.0 through 2.33 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a long argument to the (1) EXAMINE or (2) SELECT command.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| http://securitytracker.com/id?1017276 | vdb-entryx_refsource_SECTRACK |
| http://www.vupen.com/english/advisories/2006/4778 | vdb-entryx_refsource_VUPEN |
| http://secunia.com/advisories/23080 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/21362 | vdb-entryx_refsource_BID |
| http://securitytracker.com/id?1017319 | vdb-entryx_refsource_SECTRACK |
| http://www.mailenable.com/hotfix/ | x_refsource_CONFIRM |
| http://www.vupen.com/english/advisories/2006/4673 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/archive/1/453118/100… | mailing-listx_refsource_BUGTRAQ |
| http://secunia.com/advisories/23047 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/secunia_research/2006-71/advisory/ | x_refsource_MISC |
Date Public
2006-11-30 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:19:35.175Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017276",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017276"
},
{
"name": "ADV-2006-4778",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4778"
},
{
"name": "23080",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23080"
},
{
"name": "21362",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21362"
},
{
"name": "1017319",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017319"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "ADV-2006-4673",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4673"
},
{
"name": "20061130 Secunia Research: MailEnable IMAP Service Two Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/453118/100/100/threaded"
},
{
"name": "23047",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23047"
},
{
"name": "mailenable-meimaps-bo(30614)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30614"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2006-71/advisory/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-11-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in the IMAP module (MEIMAPS.EXE) in MailEnable Professional 1.6 through 1.82 and 2.0 through 2.33, and MailEnable Enterprise 1.1 through 1.30 and 2.0 through 2.33 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a long argument to the (1) EXAMINE or (2) SELECT command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017276",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017276"
},
{
"name": "ADV-2006-4778",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4778"
},
{
"name": "23080",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23080"
},
{
"name": "21362",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21362"
},
{
"name": "1017319",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017319"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "ADV-2006-4673",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4673"
},
{
"name": "20061130 Secunia Research: MailEnable IMAP Service Two Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/453118/100/100/threaded"
},
{
"name": "23047",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23047"
},
{
"name": "mailenable-meimaps-bo(30614)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30614"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2006-71/advisory/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6290",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in the IMAP module (MEIMAPS.EXE) in MailEnable Professional 1.6 through 1.82 and 2.0 through 2.33, and MailEnable Enterprise 1.1 through 1.30 and 2.0 through 2.33 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a long argument to the (1) EXAMINE or (2) SELECT command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017276",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017276"
},
{
"name": "ADV-2006-4778",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4778"
},
{
"name": "23080",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23080"
},
{
"name": "21362",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21362"
},
{
"name": "1017319",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017319"
},
{
"name": "http://www.mailenable.com/hotfix/",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "ADV-2006-4673",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4673"
},
{
"name": "20061130 Secunia Research: MailEnable IMAP Service Two Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/453118/100/100/threaded"
},
{
"name": "23047",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23047"
},
{
"name": "mailenable-meimaps-bo(30614)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30614"
},
{
"name": "http://secunia.com/secunia_research/2006-71/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2006-71/advisory/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6290",
"datePublished": "2006-12-05T11:00:00.000Z",
"dateReserved": "2006-12-05T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:19:35.175Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5177 (GCVE-0-2006-5177)
Vulnerability from nvd – Published: 2006-10-06 00:00 – Updated: 2024-08-07 19:41
VLAI
Summary
The NTLM authentication in MailEnable Professional 2.0 and Enterprise 2.0 allows remote attackers to (1) execute arbitrary code via unspecified vectors involving crafted base64 encoded NTLM Type 3 messages, or (2) cause a denial of service via crafted base64 encoded NTLM Type 1 messages, which trigger a buffer over-read.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/22179 | third-party-advisoryx_refsource_SECUNIA |
| http://www.mailenable.com/hotfix/ | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/20290 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2006/3862 | vdb-entryx_refsource_VUPEN |
| http://labs.musecurity.com/advisories/MU-200609-01.txt | x_refsource_MISC |
Date Public
2006-09-30 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:41:05.016Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "mailenable-base64-message-code-execution(29287)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29287"
},
{
"name": "22179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22179"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "mailenable-base64-ntml-message-dos(29286)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29286"
},
{
"name": "20290",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20290"
},
{
"name": "ADV-2006-3862",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3862"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://labs.musecurity.com/advisories/MU-200609-01.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The NTLM authentication in MailEnable Professional 2.0 and Enterprise 2.0 allows remote attackers to (1) execute arbitrary code via unspecified vectors involving crafted base64 encoded NTLM Type 3 messages, or (2) cause a denial of service via crafted base64 encoded NTLM Type 1 messages, which trigger a buffer over-read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "mailenable-base64-message-code-execution(29287)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29287"
},
{
"name": "22179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22179"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "mailenable-base64-ntml-message-dos(29286)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29286"
},
{
"name": "20290",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20290"
},
{
"name": "ADV-2006-3862",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3862"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://labs.musecurity.com/advisories/MU-200609-01.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5177",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The NTLM authentication in MailEnable Professional 2.0 and Enterprise 2.0 allows remote attackers to (1) execute arbitrary code via unspecified vectors involving crafted base64 encoded NTLM Type 3 messages, or (2) cause a denial of service via crafted base64 encoded NTLM Type 1 messages, which trigger a buffer over-read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "mailenable-base64-message-code-execution(29287)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29287"
},
{
"name": "22179",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22179"
},
{
"name": "http://www.mailenable.com/hotfix/",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "mailenable-base64-ntml-message-dos(29286)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29286"
},
{
"name": "20290",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20290"
},
{
"name": "ADV-2006-3862",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3862"
},
{
"name": "http://labs.musecurity.com/advisories/MU-200609-01.txt",
"refsource": "MISC",
"url": "http://labs.musecurity.com/advisories/MU-200609-01.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5177",
"datePublished": "2006-10-06T00:00:00.000Z",
"dateReserved": "2006-10-05T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:41:05.016Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5176 (GCVE-0-2006-5176)
Vulnerability from nvd – Published: 2006-10-06 00:00 – Updated: 2024-08-07 19:41
VLAI
Summary
Buffer overflow in NTLM authentication in MailEnable Professional 2.0 and Enterprise 2.0 allows remote attackers to execute arbitrary code via "the signature field of NTLM Type 1 messages".
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/22179 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.mailenable.com/hotfix/ | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/20290 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2006/3862 | vdb-entryx_refsource_VUPEN |
| http://labs.musecurity.com/advisories/MU-200609-01.txt | x_refsource_MISC |
Date Public
2006-09-30 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:41:05.040Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "22179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22179"
},
{
"name": "mailenable-ntlm-message-bo(29284)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29284"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "20290",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20290"
},
{
"name": "ADV-2006-3862",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3862"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://labs.musecurity.com/advisories/MU-200609-01.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in NTLM authentication in MailEnable Professional 2.0 and Enterprise 2.0 allows remote attackers to execute arbitrary code via \"the signature field of NTLM Type 1 messages\"."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "22179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22179"
},
{
"name": "mailenable-ntlm-message-bo(29284)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29284"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "20290",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20290"
},
{
"name": "ADV-2006-3862",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3862"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://labs.musecurity.com/advisories/MU-200609-01.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5176",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in NTLM authentication in MailEnable Professional 2.0 and Enterprise 2.0 allows remote attackers to execute arbitrary code via \"the signature field of NTLM Type 1 messages\"."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "22179",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22179"
},
{
"name": "mailenable-ntlm-message-bo(29284)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29284"
},
{
"name": "http://www.mailenable.com/hotfix/",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "20290",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20290"
},
{
"name": "ADV-2006-3862",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3862"
},
{
"name": "http://labs.musecurity.com/advisories/MU-200609-01.txt",
"refsource": "MISC",
"url": "http://labs.musecurity.com/advisories/MU-200609-01.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5176",
"datePublished": "2006-10-06T00:00:00.000Z",
"dateReserved": "2006-10-05T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:41:05.040Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4616 (GCVE-0-2006-4616)
Vulnerability from nvd – Published: 2006-09-07 00:00 – Updated: 2024-08-07 19:14
VLAI
Summary
SMTP service in MailEnable Standard, Professional, and Enterprise before ME-10014 (20060904) allows remote attackers to cause a denial of service via an SPF lookup for a domain with a large number of records, which triggers a null pointer exception.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.vupen.com/english/advisories/2006/3669 | vdb-entryx_refsource_VUPEN |
| http://securitytracker.com/id?1016792 | vdb-entryx_refsource_SECTRACK |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.mailenable.com/hotfix/ | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/20091 | vdb-entryx_refsource_BID |
| http://www.mailenable.com/hotfix/MESMTPC.ZIP | x_refsource_CONFIRM |
| http://secunia.com/advisories/21998 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2006-09-05 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:14:47.795Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2006-3669",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3669"
},
{
"name": "1016792",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016792"
},
{
"name": "mailenable-spf-dos(28910)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28910"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "20091",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20091"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/hotfix/MESMTPC.ZIP"
},
{
"name": "21998",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21998"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SMTP service in MailEnable Standard, Professional, and Enterprise before ME-10014 (20060904) allows remote attackers to cause a denial of service via an SPF lookup for a domain with a large number of records, which triggers a null pointer exception."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2006-3669",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3669"
},
{
"name": "1016792",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016792"
},
{
"name": "mailenable-spf-dos(28910)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28910"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "20091",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20091"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/hotfix/MESMTPC.ZIP"
},
{
"name": "21998",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21998"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4616",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SMTP service in MailEnable Standard, Professional, and Enterprise before ME-10014 (20060904) allows remote attackers to cause a denial of service via an SPF lookup for a domain with a large number of records, which triggers a null pointer exception."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-3669",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3669"
},
{
"name": "1016792",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016792"
},
{
"name": "mailenable-spf-dos(28910)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28910"
},
{
"name": "http://www.mailenable.com/hotfix/",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "20091",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20091"
},
{
"name": "http://www.mailenable.com/hotfix/MESMTPC.ZIP",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/hotfix/MESMTPC.ZIP"
},
{
"name": "21998",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21998"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4616",
"datePublished": "2006-09-07T00:00:00.000Z",
"dateReserved": "2006-09-06T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:14:47.795Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3277 (GCVE-0-2006-3277)
Vulnerability from nvd – Published: 2006-06-28 22:00 – Updated: 2024-08-07 18:23
VLAI
Summary
The SMTP service of MailEnable Standard 1.92 and earlier, Professional 2.0 and earlier, and Enterprise 2.0 and earlier before the MESMTPC hotfix, allows remote attackers to cause a denial of service (application crash) via a HELO command with a null byte in the argument, possibly triggering a length inconsistency or a missing argument.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| http://www.mailenable.com/hotfix/mesmtpc.zip | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://securitytracker.com/id?1016376 | vdb-entryx_refsource_SECTRACK |
| http://www.vupen.com/english/advisories/2006/2520 | vdb-entryx_refsource_VUPEN |
| http://secunia.com/advisories/20790 | third-party-advisoryx_refsource_SECUNIA |
| http://www.osvdb.org/26791 | vdb-entryx_refsource_OSVDB |
| http://www.divisionbyzero.be/?p=174 | x_refsource_MISC |
| http://www.securityfocus.com/bid/18630 | vdb-entryx_refsource_BID |
| http://www.divisionbyzero.be/?p=173 | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/438374/100… | mailing-listx_refsource_BUGTRAQ |
Date Public
2006-06-24 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:23:20.680Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/hotfix/mesmtpc.zip"
},
{
"name": "mailenable-smtp-helo-dos(27387)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27387"
},
{
"name": "1016376",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016376"
},
{
"name": "ADV-2006-2520",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2520"
},
{
"name": "20790",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20790"
},
{
"name": "26791",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/26791"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.divisionbyzero.be/?p=174"
},
{
"name": "18630",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18630"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.divisionbyzero.be/?p=173"
},
{
"name": "20060624 Mailenable SMTP Service DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/438374/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The SMTP service of MailEnable Standard 1.92 and earlier, Professional 2.0 and earlier, and Enterprise 2.0 and earlier before the MESMTPC hotfix, allows remote attackers to cause a denial of service (application crash) via a HELO command with a null byte in the argument, possibly triggering a length inconsistency or a missing argument."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/hotfix/mesmtpc.zip"
},
{
"name": "mailenable-smtp-helo-dos(27387)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27387"
},
{
"name": "1016376",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016376"
},
{
"name": "ADV-2006-2520",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2520"
},
{
"name": "20790",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20790"
},
{
"name": "26791",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/26791"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.divisionbyzero.be/?p=174"
},
{
"name": "18630",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18630"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.divisionbyzero.be/?p=173"
},
{
"name": "20060624 Mailenable SMTP Service DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/438374/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3277",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SMTP service of MailEnable Standard 1.92 and earlier, Professional 2.0 and earlier, and Enterprise 2.0 and earlier before the MESMTPC hotfix, allows remote attackers to cause a denial of service (application crash) via a HELO command with a null byte in the argument, possibly triggering a length inconsistency or a missing argument."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.mailenable.com/hotfix/mesmtpc.zip",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/hotfix/mesmtpc.zip"
},
{
"name": "mailenable-smtp-helo-dos(27387)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27387"
},
{
"name": "1016376",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016376"
},
{
"name": "ADV-2006-2520",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2520"
},
{
"name": "20790",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20790"
},
{
"name": "26791",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26791"
},
{
"name": "http://www.divisionbyzero.be/?p=174",
"refsource": "MISC",
"url": "http://www.divisionbyzero.be/?p=174"
},
{
"name": "18630",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18630"
},
{
"name": "http://www.divisionbyzero.be/?p=173",
"refsource": "MISC",
"url": "http://www.divisionbyzero.be/?p=173"
},
{
"name": "20060624 Mailenable SMTP Service DoS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/438374/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3277",
"datePublished": "2006-06-28T22:00:00.000Z",
"dateReserved": "2006-06-28T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:23:20.680Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1276 (GCVE-0-2008-1276)
Vulnerability from cvelistv5 – Published: 2008-03-10 23:00 – Updated: 2024-08-07 08:17
VLAI
Summary
Multiple buffer overflows in the IMAP service (MEIMAPS.EXE) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allow remote authenticated attackers to execute arbitrary code via long arguments to the (1) FETCH, (2) EXAMINE, and (3) UNSUBSCRIBE commands.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/29277 | third-party-advisoryx_refsource_SECUNIA |
| http://aluigi.altervista.org/adv/maildisable-adv.txt | x_refsource_MISC |
| https://www.exploit-db.com/exploits/5249 | exploitx_refsource_EXPLOIT-DB |
| http://www.vupen.com/english/advisories/2008/0799… | vdb-entryx_refsource_VUPEN |
| http://securityreason.com/securityalert/3724 | third-party-advisoryx_refsource_SREASON |
| http://www.securityfocus.com/archive/1/489270/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securitytracker.com/id?1019565 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/28145 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2008-03-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:17:33.548Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "29277",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29277"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/maildisable-adv.txt"
},
{
"name": "5249",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5249"
},
{
"name": "ADV-2008-0799",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0799/references"
},
{
"name": "3724",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3724"
},
{
"name": "20080307 Multiple vulnerabilities in MailEnable Professional/Enterprise 3.13",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/489270/100/0/threaded"
},
{
"name": "1019565",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019565"
},
{
"name": "28145",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28145"
},
{
"name": "mailenable-imapservice-bo(41058)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41058"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the IMAP service (MEIMAPS.EXE) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allow remote authenticated attackers to execute arbitrary code via long arguments to the (1) FETCH, (2) EXAMINE, and (3) UNSUBSCRIBE commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "29277",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29277"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/maildisable-adv.txt"
},
{
"name": "5249",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5249"
},
{
"name": "ADV-2008-0799",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0799/references"
},
{
"name": "3724",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3724"
},
{
"name": "20080307 Multiple vulnerabilities in MailEnable Professional/Enterprise 3.13",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/489270/100/0/threaded"
},
{
"name": "1019565",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019565"
},
{
"name": "28145",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28145"
},
{
"name": "mailenable-imapservice-bo(41058)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41058"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1276",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in the IMAP service (MEIMAPS.EXE) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allow remote authenticated attackers to execute arbitrary code via long arguments to the (1) FETCH, (2) EXAMINE, and (3) UNSUBSCRIBE commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "29277",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29277"
},
{
"name": "http://aluigi.altervista.org/adv/maildisable-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/maildisable-adv.txt"
},
{
"name": "5249",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5249"
},
{
"name": "ADV-2008-0799",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0799/references"
},
{
"name": "3724",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3724"
},
{
"name": "20080307 Multiple vulnerabilities in MailEnable Professional/Enterprise 3.13",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/489270/100/0/threaded"
},
{
"name": "1019565",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019565"
},
{
"name": "28145",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28145"
},
{
"name": "mailenable-imapservice-bo(41058)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41058"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1276",
"datePublished": "2008-03-10T23:00:00.000Z",
"dateReserved": "2008-03-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:17:33.548Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1275 (GCVE-0-2008-1275)
Vulnerability from cvelistv5 – Published: 2008-03-10 23:00 – Updated: 2024-08-07 08:17
VLAI
Summary
Multiple unspecified vulnerabilities in the SMTP service in MailEnable Standard Edition 1.x, Professional Edition 3.x and earlier, and Enterprise Edition 3.x and earlier allow remote attackers to cause a denial of service (crash) via crafted (1) EXPN or (2) VRFY commands.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/5235 | exploitx_refsource_EXPLOIT-DB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/28154 | vdb-entryx_refsource_BID |
| http://www.mailenable.com/hotfix/ | x_refsource_CONFIRM |
| http://www.vupen.com/english/advisories/2008/0800… | vdb-entryx_refsource_VUPEN |
| http://secunia.com/advisories/29300 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2008-03-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:17:34.526Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "5235",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5235"
},
{
"name": "mailenable-expn-vrfy-dos(41083)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41083"
},
{
"name": "28154",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28154"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "ADV-2008-0800",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0800/references"
},
{
"name": "29300",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29300"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the SMTP service in MailEnable Standard Edition 1.x, Professional Edition 3.x and earlier, and Enterprise Edition 3.x and earlier allow remote attackers to cause a denial of service (crash) via crafted (1) EXPN or (2) VRFY commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "5235",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5235"
},
{
"name": "mailenable-expn-vrfy-dos(41083)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41083"
},
{
"name": "28154",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28154"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "ADV-2008-0800",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0800/references"
},
{
"name": "29300",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29300"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1275",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in the SMTP service in MailEnable Standard Edition 1.x, Professional Edition 3.x and earlier, and Enterprise Edition 3.x and earlier allow remote attackers to cause a denial of service (crash) via crafted (1) EXPN or (2) VRFY commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "5235",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5235"
},
{
"name": "mailenable-expn-vrfy-dos(41083)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41083"
},
{
"name": "28154",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28154"
},
{
"name": "http://www.mailenable.com/hotfix/",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "ADV-2008-0800",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0800/references"
},
{
"name": "29300",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29300"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1275",
"datePublished": "2008-03-10T23:00:00.000Z",
"dateReserved": "2008-03-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:17:34.526Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1277 (GCVE-0-2008-1277)
Vulnerability from cvelistv5 – Published: 2008-03-10 23:00 – Updated: 2024-08-07 08:17
VLAI
Summary
The IMAP service (MEIMAPS.exe) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allows remote attackers to cause a denial of service (crash) via (1) SEARCH and (2) APPEND commands without required arguments, which triggers a NULL pointer dereference.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/29277 | third-party-advisoryx_refsource_SECUNIA |
| http://aluigi.altervista.org/adv/maildisable-adv.txt | x_refsource_MISC |
| http://www.vupen.com/english/advisories/2008/0799… | vdb-entryx_refsource_VUPEN |
| http://securityreason.com/securityalert/3724 | third-party-advisoryx_refsource_SREASON |
| http://www.securityfocus.com/archive/1/489270/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securitytracker.com/id?1019565 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/28145 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2008-03-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:17:34.437Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "29277",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29277"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/maildisable-adv.txt"
},
{
"name": "ADV-2008-0799",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0799/references"
},
{
"name": "3724",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3724"
},
{
"name": "20080307 Multiple vulnerabilities in MailEnable Professional/Enterprise 3.13",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/489270/100/0/threaded"
},
{
"name": "1019565",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019565"
},
{
"name": "28145",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28145"
},
{
"name": "mailenable-imapservice-dos(41059)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41059"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The IMAP service (MEIMAPS.exe) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allows remote attackers to cause a denial of service (crash) via (1) SEARCH and (2) APPEND commands without required arguments, which triggers a NULL pointer dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "29277",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29277"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/maildisable-adv.txt"
},
{
"name": "ADV-2008-0799",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0799/references"
},
{
"name": "3724",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3724"
},
{
"name": "20080307 Multiple vulnerabilities in MailEnable Professional/Enterprise 3.13",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/489270/100/0/threaded"
},
{
"name": "1019565",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019565"
},
{
"name": "28145",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28145"
},
{
"name": "mailenable-imapservice-dos(41059)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41059"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1277",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The IMAP service (MEIMAPS.exe) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allows remote attackers to cause a denial of service (crash) via (1) SEARCH and (2) APPEND commands without required arguments, which triggers a NULL pointer dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "29277",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29277"
},
{
"name": "http://aluigi.altervista.org/adv/maildisable-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/maildisable-adv.txt"
},
{
"name": "ADV-2008-0799",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0799/references"
},
{
"name": "3724",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3724"
},
{
"name": "20080307 Multiple vulnerabilities in MailEnable Professional/Enterprise 3.13",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/489270/100/0/threaded"
},
{
"name": "1019565",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019565"
},
{
"name": "28145",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28145"
},
{
"name": "mailenable-imapservice-dos(41059)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41059"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1277",
"datePublished": "2008-03-10T23:00:00.000Z",
"dateReserved": "2008-03-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:17:34.437Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1301 (GCVE-0-2007-1301)
Vulnerability from cvelistv5 – Published: 2007-03-07 00:00 – Updated: 2024-08-07 12:50
VLAI
Summary
Stack-based buffer overflow in the IMAP service in MailEnable Enterprise and Professional Editions 2.37 and earlier allows remote authenticated users to execute arbitrary code via a long argument to the APPEND command. NOTE: this is probably different than CVE-2006-6423.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.vupen.com/english/advisories/2007/0811 | vdb-entryx_refsource_VUPEN |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/24361 | third-party-advisoryx_refsource_SECUNIA |
| http://www.mailenable.com/hotfix/ | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/22792 | vdb-entryx_refsource_BID |
| http://www.securitytracker.com/id?1017739 | vdb-entryx_refsource_SECTRACK |
| https://www.exploit-db.com/exploits/3397 | exploitx_refsource_EXPLOIT-DB |
Date Public
2007-03-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:50:35.259Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-0811",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0811"
},
{
"name": "mailenable-append-bo(32801)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32801"
},
{
"name": "24361",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24361"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "22792",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22792"
},
{
"name": "1017739",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017739"
},
{
"name": "3397",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/3397"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the IMAP service in MailEnable Enterprise and Professional Editions 2.37 and earlier allows remote authenticated users to execute arbitrary code via a long argument to the APPEND command. NOTE: this is probably different than CVE-2006-6423."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-0811",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0811"
},
{
"name": "mailenable-append-bo(32801)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32801"
},
{
"name": "24361",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24361"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "22792",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22792"
},
{
"name": "1017739",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017739"
},
{
"name": "3397",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/3397"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1301",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the IMAP service in MailEnable Enterprise and Professional Editions 2.37 and earlier allows remote authenticated users to execute arbitrary code via a long argument to the APPEND command. NOTE: this is probably different than CVE-2006-6423."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-0811",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0811"
},
{
"name": "mailenable-append-bo(32801)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32801"
},
{
"name": "24361",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24361"
},
{
"name": "http://www.mailenable.com/hotfix/",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "22792",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22792"
},
{
"name": "1017739",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017739"
},
{
"name": "3397",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3397"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1301",
"datePublished": "2007-03-07T00:00:00.000Z",
"dateReserved": "2007-03-06T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:50:35.259Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0651 (GCVE-0-2007-0651)
Vulnerability from cvelistv5 – Published: 2007-02-15 23:00 – Updated: 2024-08-07 12:26
VLAI
Summary
Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Professional before 2.37 allow remote attackers to inject arbitrary Javascript script via (1) e-mail messages and (2) the ID parameter to (a) right.asp, (b) Forms/MAI/list.asp, and (c) Forms/VCF/list.asp in mewebmail/base/default/lang/EN/.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
12 references
| URL | Tags |
|---|---|
| http://securityreason.com/securityalert/2258 | third-party-advisoryx_refsource_SREASON |
| http://secunia.com/advisories/23998 | third-party-advisoryx_refsource_SECUNIA |
| http://www.mailenable.com/Professional20-ReleaseN… | x_refsource_CONFIRM |
| http://osvdb.org/33189 | vdb-entryx_refsource_OSVDB |
| http://osvdb.org/33190 | vdb-entryx_refsource_OSVDB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/archive/1/460063/100… | mailing-listx_refsource_BUGTRAQ |
| http://osvdb.org/33188 | vdb-entryx_refsource_OSVDB |
| http://www.vupen.com/english/advisories/2007/0595 | vdb-entryx_refsource_VUPEN |
| http://secunia.com/secunia_research/2007-38/advisory/ | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/22554 | vdb-entryx_refsource_BID |
Date Public
2007-02-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:26:54.317Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "2258",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2258"
},
{
"name": "23998",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23998"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/Professional20-ReleaseNotes.txt"
},
{
"name": "33189",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33189"
},
{
"name": "33190",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33190"
},
{
"name": "mailenable-id-xss(32480)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32480"
},
{
"name": "20070214 Secunia Research: MailEnable Web Mail Client MultipleVulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/460063/100/0/threaded"
},
{
"name": "33188",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33188"
},
{
"name": "ADV-2007-0595",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0595"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2007-38/advisory/"
},
{
"name": "mailenable-email-messages-xss(32476)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32476"
},
{
"name": "22554",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22554"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Professional before 2.37 allow remote attackers to inject arbitrary Javascript script via (1) e-mail messages and (2) the ID parameter to (a) right.asp, (b) Forms/MAI/list.asp, and (c) Forms/VCF/list.asp in mewebmail/base/default/lang/EN/."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "2258",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2258"
},
{
"name": "23998",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23998"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/Professional20-ReleaseNotes.txt"
},
{
"name": "33189",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33189"
},
{
"name": "33190",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33190"
},
{
"name": "mailenable-id-xss(32480)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32480"
},
{
"name": "20070214 Secunia Research: MailEnable Web Mail Client MultipleVulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/460063/100/0/threaded"
},
{
"name": "33188",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33188"
},
{
"name": "ADV-2007-0595",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0595"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2007-38/advisory/"
},
{
"name": "mailenable-email-messages-xss(32476)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32476"
},
{
"name": "22554",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22554"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2007-0651",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Professional before 2.37 allow remote attackers to inject arbitrary Javascript script via (1) e-mail messages and (2) the ID parameter to (a) right.asp, (b) Forms/MAI/list.asp, and (c) Forms/VCF/list.asp in mewebmail/base/default/lang/EN/."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2258",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2258"
},
{
"name": "23998",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23998"
},
{
"name": "http://www.mailenable.com/Professional20-ReleaseNotes.txt",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/Professional20-ReleaseNotes.txt"
},
{
"name": "33189",
"refsource": "OSVDB",
"url": "http://osvdb.org/33189"
},
{
"name": "33190",
"refsource": "OSVDB",
"url": "http://osvdb.org/33190"
},
{
"name": "mailenable-id-xss(32480)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32480"
},
{
"name": "20070214 Secunia Research: MailEnable Web Mail Client MultipleVulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/460063/100/0/threaded"
},
{
"name": "33188",
"refsource": "OSVDB",
"url": "http://osvdb.org/33188"
},
{
"name": "ADV-2007-0595",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0595"
},
{
"name": "http://secunia.com/secunia_research/2007-38/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2007-38/advisory/"
},
{
"name": "mailenable-email-messages-xss(32476)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32476"
},
{
"name": "22554",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22554"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2007-0651",
"datePublished": "2007-02-15T23:00:00.000Z",
"dateReserved": "2007-02-01T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:26:54.317Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0652 (GCVE-0-2007-0652)
Vulnerability from cvelistv5 – Published: 2007-02-15 23:00 – Updated: 2024-08-07 12:26
VLAI
Summary
Cross-site request forgery (CSRF) vulnerability in MailEnable Professional before 2.37 allows remote attackers to modify arbitrary configurations and perform unauthorized actions as arbitrary users via a link or IMG tag.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://securityreason.com/securityalert/2258 | third-party-advisoryx_refsource_SREASON |
| http://secunia.com/advisories/23998 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/archive/1/460063/100… | mailing-listx_refsource_BUGTRAQ |
| http://osvdb.org/33191 | vdb-entryx_refsource_OSVDB |
| http://www.vupen.com/english/advisories/2007/0595 | vdb-entryx_refsource_VUPEN |
| http://secunia.com/secunia_research/2007-38/advisory/ | x_refsource_MISC |
| http://www.securityfocus.com/bid/22554 | vdb-entryx_refsource_BID |
Date Public
2007-02-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:26:54.322Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "2258",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2258"
},
{
"name": "23998",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23998"
},
{
"name": "20070214 Secunia Research: MailEnable Web Mail Client MultipleVulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/460063/100/0/threaded"
},
{
"name": "33191",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33191"
},
{
"name": "ADV-2007-0595",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0595"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2007-38/advisory/"
},
{
"name": "22554",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22554"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in MailEnable Professional before 2.37 allows remote attackers to modify arbitrary configurations and perform unauthorized actions as arbitrary users via a link or IMG tag."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "2258",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2258"
},
{
"name": "23998",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23998"
},
{
"name": "20070214 Secunia Research: MailEnable Web Mail Client MultipleVulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/460063/100/0/threaded"
},
{
"name": "33191",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33191"
},
{
"name": "ADV-2007-0595",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0595"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2007-38/advisory/"
},
{
"name": "22554",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22554"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2007-0652",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in MailEnable Professional before 2.37 allows remote attackers to modify arbitrary configurations and perform unauthorized actions as arbitrary users via a link or IMG tag."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2258",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2258"
},
{
"name": "23998",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23998"
},
{
"name": "20070214 Secunia Research: MailEnable Web Mail Client MultipleVulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/460063/100/0/threaded"
},
{
"name": "33191",
"refsource": "OSVDB",
"url": "http://osvdb.org/33191"
},
{
"name": "ADV-2007-0595",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0595"
},
{
"name": "http://secunia.com/secunia_research/2007-38/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2007-38/advisory/"
},
{
"name": "22554",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22554"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2007-0652",
"datePublished": "2007-02-15T23:00:00.000Z",
"dateReserved": "2007-02-01T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:26:54.322Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6964 (GCVE-0-2006-6964)
Vulnerability from cvelistv5 – Published: 2007-01-29 16:00 – Updated: 2024-08-07 20:50
VLAI
Summary
MailEnable Professional before 1.78 provides a cleartext user password when an administrator edits the user's settings, which allows remote authenticated administrators to obtain sensitive information by viewing the HTML source.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.mailenable.com/Professional1-ReleaseNo… | x_refsource_CONFIRM |
| http://securitytracker.com/id?1016337 | vdb-entryx_refsource_SECTRACK |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2006-06-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:50:04.616Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/Professional1-ReleaseNotes.txt"
},
{
"name": "1016337",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016337"
},
{
"name": "mailenable-listattachments-pass-disclosure(27185)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27185"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "MailEnable Professional before 1.78 provides a cleartext user password when an administrator edits the user\u0027s settings, which allows remote authenticated administrators to obtain sensitive information by viewing the HTML source."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/Professional1-ReleaseNotes.txt"
},
{
"name": "1016337",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016337"
},
{
"name": "mailenable-listattachments-pass-disclosure(27185)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27185"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6964",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "MailEnable Professional before 1.78 provides a cleartext user password when an administrator edits the user\u0027s settings, which allows remote authenticated administrators to obtain sensitive information by viewing the HTML source."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.mailenable.com/Professional1-ReleaseNotes.txt",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/Professional1-ReleaseNotes.txt"
},
{
"name": "1016337",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016337"
},
{
"name": "mailenable-listattachments-pass-disclosure(27185)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27185"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6964",
"datePublished": "2007-01-29T16:00:00.000Z",
"dateReserved": "2007-01-29T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:50:04.616Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6605 (GCVE-0-2006-6605)
Vulnerability from cvelistv5 – Published: 2006-12-19 19:00 – Updated: 2024-08-07 20:33
VLAI
Summary
Stack-based buffer overflow in the POP service in MailEnable Standard 1.98 and earlier; Professional 1.84, and 2.35 and earlier; and Enterprise 1.41, and 2.35 and earlier before ME-10026 allows remote attackers to execute arbitrary code via a long argument to the PASS command.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://securitytracker.com/id?1017395 | vdb-entryx_refsource_SECTRACK |
| http://secunia.com/advisories/23127 | third-party-advisoryx_refsource_SECUNIA |
| http://securityreason.com/securityalert/2053 | third-party-advisoryx_refsource_SREASON |
| http://www.mailenable.com/hotfix/ | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/21645 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/archive/1/454713/100… | mailing-listx_refsource_BUGTRAQ |
| http://secunia.com/secunia_research/2006-75/advisory/ | x_refsource_MISC |
| http://www.vupen.com/english/advisories/2006/5052 | vdb-entryx_refsource_VUPEN |
Date Public
2006-12-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:33:59.771Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017395",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017395"
},
{
"name": "23127",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23127"
},
{
"name": "2053",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2053"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "21645",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21645"
},
{
"name": "20061218 Secunia Research: MailEnable POP Service \"PASS\" Command BufferOverflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/454713/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2006-75/advisory/"
},
{
"name": "ADV-2006-5052",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/5052"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the POP service in MailEnable Standard 1.98 and earlier; Professional 1.84, and 2.35 and earlier; and Enterprise 1.41, and 2.35 and earlier before ME-10026 allows remote attackers to execute arbitrary code via a long argument to the PASS command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "1017395",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017395"
},
{
"name": "23127",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23127"
},
{
"name": "2053",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2053"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "21645",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21645"
},
{
"name": "20061218 Secunia Research: MailEnable POP Service \"PASS\" Command BufferOverflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/454713/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2006-75/advisory/"
},
{
"name": "ADV-2006-5052",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/5052"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2006-6605",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the POP service in MailEnable Standard 1.98 and earlier; Professional 1.84, and 2.35 and earlier; and Enterprise 1.41, and 2.35 and earlier before ME-10026 allows remote attackers to execute arbitrary code via a long argument to the PASS command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017395",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017395"
},
{
"name": "23127",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23127"
},
{
"name": "2053",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2053"
},
{
"name": "http://www.mailenable.com/hotfix/",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "21645",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21645"
},
{
"name": "20061218 Secunia Research: MailEnable POP Service \"PASS\" Command BufferOverflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/454713/100/0/threaded"
},
{
"name": "http://secunia.com/secunia_research/2006-75/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2006-75/advisory/"
},
{
"name": "ADV-2006-5052",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/5052"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2006-6605",
"datePublished": "2006-12-19T19:00:00.000Z",
"dateReserved": "2006-12-17T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:33:59.771Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6484 (GCVE-0-2006-6484)
Vulnerability from cvelistv5 – Published: 2006-12-12 20:00 – Updated: 2024-08-07 20:26
VLAI
Summary
The IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.34, Professional Edition 1.6 through 1.83, and Enterprise Edition 1.1 through 1.40 allows remote attackers to cause a denial of service (crash) via unspecified vectors that trigger a null pointer dereference, as addressed by the ME-10023 hotfix, and a different issue than CVE-2006-6423. NOTE: some details were obtained from third party information.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/21493 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/23267 | third-party-advisoryx_refsource_SECUNIA |
| http://www.mailenable.com/hotfix/ | x_refsource_CONFIRM |
Date Public
2006-12-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:26:46.583Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "21493",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21493"
},
{
"name": "mailenable-null-imap-dos(30797)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30797"
},
{
"name": "23267",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23267"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/hotfix/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.34, Professional Edition 1.6 through 1.83, and Enterprise Edition 1.1 through 1.40 allows remote attackers to cause a denial of service (crash) via unspecified vectors that trigger a null pointer dereference, as addressed by the ME-10023 hotfix, and a different issue than CVE-2006-6423. NOTE: some details were obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "21493",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21493"
},
{
"name": "mailenable-null-imap-dos(30797)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30797"
},
{
"name": "23267",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23267"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/hotfix/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6484",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.34, Professional Edition 1.6 through 1.83, and Enterprise Edition 1.1 through 1.40 allows remote attackers to cause a denial of service (crash) via unspecified vectors that trigger a null pointer dereference, as addressed by the ME-10023 hotfix, and a different issue than CVE-2006-6423. NOTE: some details were obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "21493",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21493"
},
{
"name": "mailenable-null-imap-dos(30797)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30797"
},
{
"name": "23267",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23267"
},
{
"name": "http://www.mailenable.com/hotfix/",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/hotfix/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6484",
"datePublished": "2006-12-12T20:00:00.000Z",
"dateReserved": "2006-12-12T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:26:46.583Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6423 (GCVE-0-2006-6423)
Vulnerability from cvelistv5 – Published: 2006-12-12 02:00 – Updated: 2024-08-07 20:26
VLAI
Summary
Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.35, Professional Edition 1.6 through 1.84, and Enterprise Edition 1.1 through 1.41 allows remote attackers to execute arbitrary code via a pre-authentication command followed by a crafted parameter and a long string, as addressed by the ME-10025 hotfix.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://secunia.com/secunia_research/2006-73/advisory/ | x_refsource_MISC |
| http://securityreason.com/securityalert/2022 | third-party-advisoryx_refsource_SREASON |
| http://www.securityfocus.com/bid/21492 | vdb-entryx_refsource_BID |
| http://www.mailenable.com/hotfix/ | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/23201 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/archive/1/454075/100… | mailing-listx_refsource_BUGTRAQ |
Date Public
2006-12-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:26:46.508Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2006-73/advisory/"
},
{
"name": "2022",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2022"
},
{
"name": "21492",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21492"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "mailenable-bounds-imap-bo(30796)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30796"
},
{
"name": "23201",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23201"
},
{
"name": "20061211 Secunia Research: MailEnable IMAP Service Buffer OverflowVulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/454075/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.35, Professional Edition 1.6 through 1.84, and Enterprise Edition 1.1 through 1.41 allows remote attackers to execute arbitrary code via a pre-authentication command followed by a crafted parameter and a long string, as addressed by the ME-10025 hotfix."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2006-73/advisory/"
},
{
"name": "2022",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2022"
},
{
"name": "21492",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21492"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "mailenable-bounds-imap-bo(30796)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30796"
},
{
"name": "23201",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23201"
},
{
"name": "20061211 Secunia Research: MailEnable IMAP Service Buffer OverflowVulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/454075/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2006-6423",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.35, Professional Edition 1.6 through 1.84, and Enterprise Edition 1.1 through 1.41 allows remote attackers to execute arbitrary code via a pre-authentication command followed by a crafted parameter and a long string, as addressed by the ME-10025 hotfix."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://secunia.com/secunia_research/2006-73/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2006-73/advisory/"
},
{
"name": "2022",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2022"
},
{
"name": "21492",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21492"
},
{
"name": "http://www.mailenable.com/hotfix/",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "mailenable-bounds-imap-bo(30796)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30796"
},
{
"name": "23201",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23201"
},
{
"name": "20061211 Secunia Research: MailEnable IMAP Service Buffer OverflowVulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/454075/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2006-6423",
"datePublished": "2006-12-12T02:00:00.000Z",
"dateReserved": "2006-12-09T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:26:46.508Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6290 (GCVE-0-2006-6290)
Vulnerability from cvelistv5 – Published: 2006-12-05 11:00 – Updated: 2024-08-07 20:19
VLAI
Summary
Multiple stack-based buffer overflows in the IMAP module (MEIMAPS.EXE) in MailEnable Professional 1.6 through 1.82 and 2.0 through 2.33, and MailEnable Enterprise 1.1 through 1.30 and 2.0 through 2.33 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a long argument to the (1) EXAMINE or (2) SELECT command.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| http://securitytracker.com/id?1017276 | vdb-entryx_refsource_SECTRACK |
| http://www.vupen.com/english/advisories/2006/4778 | vdb-entryx_refsource_VUPEN |
| http://secunia.com/advisories/23080 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/21362 | vdb-entryx_refsource_BID |
| http://securitytracker.com/id?1017319 | vdb-entryx_refsource_SECTRACK |
| http://www.mailenable.com/hotfix/ | x_refsource_CONFIRM |
| http://www.vupen.com/english/advisories/2006/4673 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/archive/1/453118/100… | mailing-listx_refsource_BUGTRAQ |
| http://secunia.com/advisories/23047 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/secunia_research/2006-71/advisory/ | x_refsource_MISC |
Date Public
2006-11-30 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:19:35.175Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017276",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017276"
},
{
"name": "ADV-2006-4778",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4778"
},
{
"name": "23080",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23080"
},
{
"name": "21362",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21362"
},
{
"name": "1017319",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017319"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "ADV-2006-4673",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4673"
},
{
"name": "20061130 Secunia Research: MailEnable IMAP Service Two Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/453118/100/100/threaded"
},
{
"name": "23047",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23047"
},
{
"name": "mailenable-meimaps-bo(30614)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30614"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2006-71/advisory/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-11-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in the IMAP module (MEIMAPS.EXE) in MailEnable Professional 1.6 through 1.82 and 2.0 through 2.33, and MailEnable Enterprise 1.1 through 1.30 and 2.0 through 2.33 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a long argument to the (1) EXAMINE or (2) SELECT command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017276",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017276"
},
{
"name": "ADV-2006-4778",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4778"
},
{
"name": "23080",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23080"
},
{
"name": "21362",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21362"
},
{
"name": "1017319",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017319"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "ADV-2006-4673",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4673"
},
{
"name": "20061130 Secunia Research: MailEnable IMAP Service Two Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/453118/100/100/threaded"
},
{
"name": "23047",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23047"
},
{
"name": "mailenable-meimaps-bo(30614)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30614"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2006-71/advisory/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6290",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in the IMAP module (MEIMAPS.EXE) in MailEnable Professional 1.6 through 1.82 and 2.0 through 2.33, and MailEnable Enterprise 1.1 through 1.30 and 2.0 through 2.33 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a long argument to the (1) EXAMINE or (2) SELECT command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017276",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017276"
},
{
"name": "ADV-2006-4778",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4778"
},
{
"name": "23080",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23080"
},
{
"name": "21362",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21362"
},
{
"name": "1017319",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017319"
},
{
"name": "http://www.mailenable.com/hotfix/",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "ADV-2006-4673",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4673"
},
{
"name": "20061130 Secunia Research: MailEnable IMAP Service Two Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/453118/100/100/threaded"
},
{
"name": "23047",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23047"
},
{
"name": "mailenable-meimaps-bo(30614)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30614"
},
{
"name": "http://secunia.com/secunia_research/2006-71/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2006-71/advisory/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6290",
"datePublished": "2006-12-05T11:00:00.000Z",
"dateReserved": "2006-12-05T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:19:35.175Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5177 (GCVE-0-2006-5177)
Vulnerability from cvelistv5 – Published: 2006-10-06 00:00 – Updated: 2024-08-07 19:41
VLAI
Summary
The NTLM authentication in MailEnable Professional 2.0 and Enterprise 2.0 allows remote attackers to (1) execute arbitrary code via unspecified vectors involving crafted base64 encoded NTLM Type 3 messages, or (2) cause a denial of service via crafted base64 encoded NTLM Type 1 messages, which trigger a buffer over-read.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/22179 | third-party-advisoryx_refsource_SECUNIA |
| http://www.mailenable.com/hotfix/ | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/20290 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2006/3862 | vdb-entryx_refsource_VUPEN |
| http://labs.musecurity.com/advisories/MU-200609-01.txt | x_refsource_MISC |
Date Public
2006-09-30 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:41:05.016Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "mailenable-base64-message-code-execution(29287)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29287"
},
{
"name": "22179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22179"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "mailenable-base64-ntml-message-dos(29286)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29286"
},
{
"name": "20290",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20290"
},
{
"name": "ADV-2006-3862",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3862"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://labs.musecurity.com/advisories/MU-200609-01.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The NTLM authentication in MailEnable Professional 2.0 and Enterprise 2.0 allows remote attackers to (1) execute arbitrary code via unspecified vectors involving crafted base64 encoded NTLM Type 3 messages, or (2) cause a denial of service via crafted base64 encoded NTLM Type 1 messages, which trigger a buffer over-read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "mailenable-base64-message-code-execution(29287)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29287"
},
{
"name": "22179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22179"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "mailenable-base64-ntml-message-dos(29286)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29286"
},
{
"name": "20290",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20290"
},
{
"name": "ADV-2006-3862",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3862"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://labs.musecurity.com/advisories/MU-200609-01.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5177",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The NTLM authentication in MailEnable Professional 2.0 and Enterprise 2.0 allows remote attackers to (1) execute arbitrary code via unspecified vectors involving crafted base64 encoded NTLM Type 3 messages, or (2) cause a denial of service via crafted base64 encoded NTLM Type 1 messages, which trigger a buffer over-read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "mailenable-base64-message-code-execution(29287)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29287"
},
{
"name": "22179",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22179"
},
{
"name": "http://www.mailenable.com/hotfix/",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "mailenable-base64-ntml-message-dos(29286)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29286"
},
{
"name": "20290",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20290"
},
{
"name": "ADV-2006-3862",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3862"
},
{
"name": "http://labs.musecurity.com/advisories/MU-200609-01.txt",
"refsource": "MISC",
"url": "http://labs.musecurity.com/advisories/MU-200609-01.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5177",
"datePublished": "2006-10-06T00:00:00.000Z",
"dateReserved": "2006-10-05T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:41:05.016Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5176 (GCVE-0-2006-5176)
Vulnerability from cvelistv5 – Published: 2006-10-06 00:00 – Updated: 2024-08-07 19:41
VLAI
Summary
Buffer overflow in NTLM authentication in MailEnable Professional 2.0 and Enterprise 2.0 allows remote attackers to execute arbitrary code via "the signature field of NTLM Type 1 messages".
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/22179 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.mailenable.com/hotfix/ | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/20290 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2006/3862 | vdb-entryx_refsource_VUPEN |
| http://labs.musecurity.com/advisories/MU-200609-01.txt | x_refsource_MISC |
Date Public
2006-09-30 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:41:05.040Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "22179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22179"
},
{
"name": "mailenable-ntlm-message-bo(29284)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29284"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "20290",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20290"
},
{
"name": "ADV-2006-3862",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3862"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://labs.musecurity.com/advisories/MU-200609-01.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in NTLM authentication in MailEnable Professional 2.0 and Enterprise 2.0 allows remote attackers to execute arbitrary code via \"the signature field of NTLM Type 1 messages\"."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "22179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22179"
},
{
"name": "mailenable-ntlm-message-bo(29284)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29284"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "20290",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20290"
},
{
"name": "ADV-2006-3862",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3862"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://labs.musecurity.com/advisories/MU-200609-01.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5176",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in NTLM authentication in MailEnable Professional 2.0 and Enterprise 2.0 allows remote attackers to execute arbitrary code via \"the signature field of NTLM Type 1 messages\"."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "22179",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22179"
},
{
"name": "mailenable-ntlm-message-bo(29284)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29284"
},
{
"name": "http://www.mailenable.com/hotfix/",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "20290",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20290"
},
{
"name": "ADV-2006-3862",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3862"
},
{
"name": "http://labs.musecurity.com/advisories/MU-200609-01.txt",
"refsource": "MISC",
"url": "http://labs.musecurity.com/advisories/MU-200609-01.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5176",
"datePublished": "2006-10-06T00:00:00.000Z",
"dateReserved": "2006-10-05T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:41:05.040Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4616 (GCVE-0-2006-4616)
Vulnerability from cvelistv5 – Published: 2006-09-07 00:00 – Updated: 2024-08-07 19:14
VLAI
Summary
SMTP service in MailEnable Standard, Professional, and Enterprise before ME-10014 (20060904) allows remote attackers to cause a denial of service via an SPF lookup for a domain with a large number of records, which triggers a null pointer exception.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.vupen.com/english/advisories/2006/3669 | vdb-entryx_refsource_VUPEN |
| http://securitytracker.com/id?1016792 | vdb-entryx_refsource_SECTRACK |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.mailenable.com/hotfix/ | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/20091 | vdb-entryx_refsource_BID |
| http://www.mailenable.com/hotfix/MESMTPC.ZIP | x_refsource_CONFIRM |
| http://secunia.com/advisories/21998 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2006-09-05 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:14:47.795Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2006-3669",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3669"
},
{
"name": "1016792",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016792"
},
{
"name": "mailenable-spf-dos(28910)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28910"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "20091",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20091"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/hotfix/MESMTPC.ZIP"
},
{
"name": "21998",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21998"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SMTP service in MailEnable Standard, Professional, and Enterprise before ME-10014 (20060904) allows remote attackers to cause a denial of service via an SPF lookup for a domain with a large number of records, which triggers a null pointer exception."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2006-3669",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3669"
},
{
"name": "1016792",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016792"
},
{
"name": "mailenable-spf-dos(28910)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28910"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "20091",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20091"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/hotfix/MESMTPC.ZIP"
},
{
"name": "21998",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21998"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4616",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SMTP service in MailEnable Standard, Professional, and Enterprise before ME-10014 (20060904) allows remote attackers to cause a denial of service via an SPF lookup for a domain with a large number of records, which triggers a null pointer exception."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-3669",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3669"
},
{
"name": "1016792",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016792"
},
{
"name": "mailenable-spf-dos(28910)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28910"
},
{
"name": "http://www.mailenable.com/hotfix/",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "20091",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20091"
},
{
"name": "http://www.mailenable.com/hotfix/MESMTPC.ZIP",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/hotfix/MESMTPC.ZIP"
},
{
"name": "21998",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21998"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4616",
"datePublished": "2006-09-07T00:00:00.000Z",
"dateReserved": "2006-09-06T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:14:47.795Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3277 (GCVE-0-2006-3277)
Vulnerability from cvelistv5 – Published: 2006-06-28 22:00 – Updated: 2024-08-07 18:23
VLAI
Summary
The SMTP service of MailEnable Standard 1.92 and earlier, Professional 2.0 and earlier, and Enterprise 2.0 and earlier before the MESMTPC hotfix, allows remote attackers to cause a denial of service (application crash) via a HELO command with a null byte in the argument, possibly triggering a length inconsistency or a missing argument.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| http://www.mailenable.com/hotfix/mesmtpc.zip | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://securitytracker.com/id?1016376 | vdb-entryx_refsource_SECTRACK |
| http://www.vupen.com/english/advisories/2006/2520 | vdb-entryx_refsource_VUPEN |
| http://secunia.com/advisories/20790 | third-party-advisoryx_refsource_SECUNIA |
| http://www.osvdb.org/26791 | vdb-entryx_refsource_OSVDB |
| http://www.divisionbyzero.be/?p=174 | x_refsource_MISC |
| http://www.securityfocus.com/bid/18630 | vdb-entryx_refsource_BID |
| http://www.divisionbyzero.be/?p=173 | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/438374/100… | mailing-listx_refsource_BUGTRAQ |
Date Public
2006-06-24 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:23:20.680Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/hotfix/mesmtpc.zip"
},
{
"name": "mailenable-smtp-helo-dos(27387)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27387"
},
{
"name": "1016376",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016376"
},
{
"name": "ADV-2006-2520",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2520"
},
{
"name": "20790",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20790"
},
{
"name": "26791",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/26791"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.divisionbyzero.be/?p=174"
},
{
"name": "18630",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18630"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.divisionbyzero.be/?p=173"
},
{
"name": "20060624 Mailenable SMTP Service DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/438374/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The SMTP service of MailEnable Standard 1.92 and earlier, Professional 2.0 and earlier, and Enterprise 2.0 and earlier before the MESMTPC hotfix, allows remote attackers to cause a denial of service (application crash) via a HELO command with a null byte in the argument, possibly triggering a length inconsistency or a missing argument."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/hotfix/mesmtpc.zip"
},
{
"name": "mailenable-smtp-helo-dos(27387)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27387"
},
{
"name": "1016376",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016376"
},
{
"name": "ADV-2006-2520",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2520"
},
{
"name": "20790",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20790"
},
{
"name": "26791",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/26791"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.divisionbyzero.be/?p=174"
},
{
"name": "18630",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18630"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.divisionbyzero.be/?p=173"
},
{
"name": "20060624 Mailenable SMTP Service DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/438374/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3277",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SMTP service of MailEnable Standard 1.92 and earlier, Professional 2.0 and earlier, and Enterprise 2.0 and earlier before the MESMTPC hotfix, allows remote attackers to cause a denial of service (application crash) via a HELO command with a null byte in the argument, possibly triggering a length inconsistency or a missing argument."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.mailenable.com/hotfix/mesmtpc.zip",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/hotfix/mesmtpc.zip"
},
{
"name": "mailenable-smtp-helo-dos(27387)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27387"
},
{
"name": "1016376",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016376"
},
{
"name": "ADV-2006-2520",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2520"
},
{
"name": "20790",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20790"
},
{
"name": "26791",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26791"
},
{
"name": "http://www.divisionbyzero.be/?p=174",
"refsource": "MISC",
"url": "http://www.divisionbyzero.be/?p=174"
},
{
"name": "18630",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18630"
},
{
"name": "http://www.divisionbyzero.be/?p=173",
"refsource": "MISC",
"url": "http://www.divisionbyzero.be/?p=173"
},
{
"name": "20060624 Mailenable SMTP Service DoS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/438374/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3277",
"datePublished": "2006-06-28T22:00:00.000Z",
"dateReserved": "2006-06-28T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:23:20.680Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}