Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
10 vulnerabilities by youngzsoft
CVE-2008-6922 (GCVE-0-2008-6922)
Vulnerability from cvelistv5 – Published: 2009-08-10 18:00 – Updated: 2024-08-07 11:49
VLAI
Summary
Multiple stack-based buffer overflows in CMailCOM.dll in CMailServer 5.4.6 allow remote attackers to execute arbitrary code via a long argument to the (1) CreateUserPath, (2) Logout, (3) DeleteMailByUID, (4) MoveToInbox, (5) MoveToFolder, (6) DeleteMailEx, (7) GetMailDataEx, (8) SetReplySign, (9) SetForwardSign, and (10) SetReadSign methods, which are not properly handled by (a) the POP3 Class ActiveX control (CMailCom.POP3); or a long argument to the (11) AddAttach, (12) SetSubject, (13) SetBcc, (14) SetBody, (15) SetCc, (16) SetFrom, (17) SetTo, and (18) SetFromUID methods, which are not properly handled by the Class ActiveX control (CMailCOM.SMTP), as demonstrated via the indexOfMail parameter to mwmail.asp.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/6012 | exploitx_refsource_EXPLOIT-DB |
| http://osvdb.org/46750 | vdb-entryx_refsource_OSVDB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/30098 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/30940 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2008-07-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:49:02.449Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "6012",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/6012"
},
{
"name": "46750",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/46750"
},
{
"name": "cmailserver-movetofolder-bo(43594)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43594"
},
{
"name": "30098",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30098"
},
{
"name": "30940",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30940"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-07-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in CMailCOM.dll in CMailServer 5.4.6 allow remote attackers to execute arbitrary code via a long argument to the (1) CreateUserPath, (2) Logout, (3) DeleteMailByUID, (4) MoveToInbox, (5) MoveToFolder, (6) DeleteMailEx, (7) GetMailDataEx, (8) SetReplySign, (9) SetForwardSign, and (10) SetReadSign methods, which are not properly handled by (a) the POP3 Class ActiveX control (CMailCom.POP3); or a long argument to the (11) AddAttach, (12) SetSubject, (13) SetBcc, (14) SetBody, (15) SetCc, (16) SetFrom, (17) SetTo, and (18) SetFromUID methods, which are not properly handled by the Class ActiveX control (CMailCOM.SMTP), as demonstrated via the indexOfMail parameter to mwmail.asp."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "6012",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/6012"
},
{
"name": "46750",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/46750"
},
{
"name": "cmailserver-movetofolder-bo(43594)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43594"
},
{
"name": "30098",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30098"
},
{
"name": "30940",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30940"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6922",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in CMailCOM.dll in CMailServer 5.4.6 allow remote attackers to execute arbitrary code via a long argument to the (1) CreateUserPath, (2) Logout, (3) DeleteMailByUID, (4) MoveToInbox, (5) MoveToFolder, (6) DeleteMailEx, (7) GetMailDataEx, (8) SetReplySign, (9) SetForwardSign, and (10) SetReadSign methods, which are not properly handled by (a) the POP3 Class ActiveX control (CMailCom.POP3); or a long argument to the (11) AddAttach, (12) SetSubject, (13) SetBcc, (14) SetBody, (15) SetCc, (16) SetFrom, (17) SetTo, and (18) SetFromUID methods, which are not properly handled by the Class ActiveX control (CMailCOM.SMTP), as demonstrated via the indexOfMail parameter to mwmail.asp."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "6012",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/6012"
},
{
"name": "46750",
"refsource": "OSVDB",
"url": "http://osvdb.org/46750"
},
{
"name": "cmailserver-movetofolder-bo(43594)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43594"
},
{
"name": "30098",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30098"
},
{
"name": "30940",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30940"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-6922",
"datePublished": "2009-08-10T18:00:00.000Z",
"dateReserved": "2009-08-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T11:49:02.449Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-6415 (GCVE-0-2008-6415)
Vulnerability from cvelistv5 – Published: 2009-03-06 11:00 – Updated: 2024-08-07 11:27
VLAI
Summary
Buffer overflow in YoungZSoft CCProxy 6.5 might allow remote attackers to execute arbitrary code via a CONNECTION request with a long hostname.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securitytracker.com/id?1020902 | vdb-entryx_refsource_SECTRACK |
| http://jbrownsec.blogspot.com/2008/09/ccproxy-nea… | x_refsource_MISC |
| http://secunia.com/advisories/31997 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/31416 | vdb-entryx_refsource_BID |
Date Public
2008-09-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:27:35.856Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ccproxy-connection-bo(45304)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45304"
},
{
"name": "1020902",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020902"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://jbrownsec.blogspot.com/2008/09/ccproxy-near-stealth-patching.html"
},
{
"name": "31997",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31997"
},
{
"name": "31416",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31416"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in YoungZSoft CCProxy 6.5 might allow remote attackers to execute arbitrary code via a CONNECTION request with a long hostname."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ccproxy-connection-bo(45304)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45304"
},
{
"name": "1020902",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020902"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://jbrownsec.blogspot.com/2008/09/ccproxy-near-stealth-patching.html"
},
{
"name": "31997",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31997"
},
{
"name": "31416",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31416"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6415",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in YoungZSoft CCProxy 6.5 might allow remote attackers to execute arbitrary code via a CONNECTION request with a long hostname."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ccproxy-connection-bo(45304)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45304"
},
{
"name": "1020902",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020902"
},
{
"name": "http://jbrownsec.blogspot.com/2008/09/ccproxy-near-stealth-patching.html",
"refsource": "MISC",
"url": "http://jbrownsec.blogspot.com/2008/09/ccproxy-near-stealth-patching.html"
},
{
"name": "31997",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31997"
},
{
"name": "31416",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31416"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-6415",
"datePublished": "2009-03-06T11:00:00.000Z",
"dateReserved": "2009-03-05T00:00:00.000Z",
"dateUpdated": "2024-08-07T11:27:35.856Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-2685 (GCVE-0-2004-2685)
Vulnerability from cvelistv5 – Published: 2007-09-06 19:00 – Updated: 2024-08-08 01:36
VLAI
Summary
Buffer overflow in YoungZSoft CCProxy 6.2 and earlier allows remote attackers to execute arbitrary code via a long address in a ping (p) command to the Telnet proxy service, a different vector than CVE-2004-2416.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/621 | exploitx_refsource_EXPLOIT-DB |
| https://www.exploit-db.com/exploits/4360 | exploitx_refsource_EXPLOIT-DB |
| http://secunia.com/advisories/13085 | third-party-advisoryx_refsource_SECUNIA |
| http://www.youngzsoft.net/ccproxy/whatsnew.htm | x_refsource_MISC |
Date Public
2004-11-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:36:25.366Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "621",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/621"
},
{
"name": "4360",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/4360"
},
{
"name": "13085",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13085"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.youngzsoft.net/ccproxy/whatsnew.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in YoungZSoft CCProxy 6.2 and earlier allows remote attackers to execute arbitrary code via a long address in a ping (p) command to the Telnet proxy service, a different vector than CVE-2004-2416."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "621",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/621"
},
{
"name": "4360",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/4360"
},
{
"name": "13085",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13085"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.youngzsoft.net/ccproxy/whatsnew.htm"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2685",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in YoungZSoft CCProxy 6.2 and earlier allows remote attackers to execute arbitrary code via a long address in a ping (p) command to the Telnet proxy service, a different vector than CVE-2004-2416."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "621",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/621"
},
{
"name": "4360",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4360"
},
{
"name": "13085",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13085"
},
{
"name": "http://www.youngzsoft.net/ccproxy/whatsnew.htm",
"refsource": "MISC",
"url": "http://www.youngzsoft.net/ccproxy/whatsnew.htm"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2685",
"datePublished": "2007-09-06T19:00:00.000Z",
"dateReserved": "2007-09-06T00:00:00.000Z",
"dateUpdated": "2024-08-08T01:36:25.366Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1991 (GCVE-0-2007-1991)
Vulnerability from cvelistv5 – Published: 2007-04-12 10:00 – Updated: 2024-08-07 13:13
VLAI
Summary
Cross-site scripting (XSS) vulnerability in mail/signup.asp in CmailServer WebMail 5.4.3, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the Comment parameter, a different vector than CVE-2007-1927.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/23363 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/24812 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2007-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:13:42.003Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cmailserver-signup-xss(33501)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33501"
},
{
"name": "23363",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23363"
},
{
"name": "24812",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24812"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in mail/signup.asp in CmailServer WebMail 5.4.3, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the Comment parameter, a different vector than CVE-2007-1927."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "cmailserver-signup-xss(33501)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33501"
},
{
"name": "23363",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23363"
},
{
"name": "24812",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24812"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1991",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in mail/signup.asp in CmailServer WebMail 5.4.3, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the Comment parameter, a different vector than CVE-2007-1927."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "cmailserver-signup-xss(33501)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33501"
},
{
"name": "23363",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23363"
},
{
"name": "24812",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24812"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1991",
"datePublished": "2007-04-12T10:00:00.000Z",
"dateReserved": "2007-04-11T00:00:00.000Z",
"dateUpdated": "2024-08-07T13:13:42.003Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1927 (GCVE-0-2007-1927)
Vulnerability from cvelistv5 – Published: 2007-04-10 23:00 – Updated: 2024-08-07 13:13
VLAI
Summary
Cross-site scripting (XSS) vulnerability in signup.asp in CmailServer WebMail 5.3.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the POP3Mail parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://securityreason.com/securityalert/2529 | third-party-advisoryx_refsource_SREASON |
| http://osvdb.org/34119 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/24812 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/23360 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/archive/1/464966/100… | mailing-listx_refsource_BUGTRAQ |
Date Public
2007-04-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:13:41.678Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cmailserver-signup-xss(33501)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33501"
},
{
"name": "2529",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2529"
},
{
"name": "34119",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/34119"
},
{
"name": "24812",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24812"
},
{
"name": "23360",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23360"
},
{
"name": "20070407 CmailServer WebMail \u003c= V.5.3.4 (signup) Remote XSS Exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/464966/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in signup.asp in CmailServer WebMail 5.3.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the POP3Mail parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "cmailserver-signup-xss(33501)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33501"
},
{
"name": "2529",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2529"
},
{
"name": "34119",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/34119"
},
{
"name": "24812",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24812"
},
{
"name": "23360",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23360"
},
{
"name": "20070407 CmailServer WebMail \u003c= V.5.3.4 (signup) Remote XSS Exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/464966/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1927",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in signup.asp in CmailServer WebMail 5.3.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the POP3Mail parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "cmailserver-signup-xss(33501)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33501"
},
{
"name": "2529",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2529"
},
{
"name": "34119",
"refsource": "OSVDB",
"url": "http://osvdb.org/34119"
},
{
"name": "24812",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24812"
},
{
"name": "23360",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23360"
},
{
"name": "20070407 CmailServer WebMail \u003c= V.5.3.4 (signup) Remote XSS Exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464966/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1927",
"datePublished": "2007-04-10T23:00:00.000Z",
"dateReserved": "2007-04-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T13:13:41.678Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-2416 (GCVE-0-2004-2416)
Vulnerability from cvelistv5 – Published: 2005-08-18 04:00 – Updated: 2024-08-08 01:29
VLAI
Summary
Buffer overflow in the logging component of CCProxy allows remote attackers to execute arbitrary code via a long HTTP GET request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://securitytracker.com/id?1012189 | vdb-entryx_refsource_SECTRACK |
| http://www.securiteam.com/exploits/6E0032KBPM.html | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/13085 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/11666 | vdb-entryx_refsource_BID |
| http://www.osvdb.org/11593 | vdb-entryx_refsource_OSVDB |
Date Public
2004-11-05 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:29:13.410Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1012189",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1012189"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securiteam.com/exploits/6E0032KBPM.html"
},
{
"name": "proxy-server-ccproxy-bo(18012)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18012"
},
{
"name": "13085",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13085"
},
{
"name": "11666",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11666"
},
{
"name": "11593",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/11593"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the logging component of CCProxy allows remote attackers to execute arbitrary code via a long HTTP GET request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1012189",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1012189"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securiteam.com/exploits/6E0032KBPM.html"
},
{
"name": "proxy-server-ccproxy-bo(18012)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18012"
},
{
"name": "13085",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13085"
},
{
"name": "11666",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11666"
},
{
"name": "11593",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/11593"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2416",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the logging component of CCProxy allows remote attackers to execute arbitrary code via a long HTTP GET request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1012189",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1012189"
},
{
"name": "http://www.securiteam.com/exploits/6E0032KBPM.html",
"refsource": "MISC",
"url": "http://www.securiteam.com/exploits/6E0032KBPM.html"
},
{
"name": "proxy-server-ccproxy-bo(18012)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18012"
},
{
"name": "13085",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13085"
},
{
"name": "11666",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11666"
},
{
"name": "11593",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/11593"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2416",
"datePublished": "2005-08-18T04:00:00.000Z",
"dateReserved": "2005-08-18T00:00:00.000Z",
"dateUpdated": "2024-08-08T01:29:13.410Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1130 (GCVE-0-2004-1130)
Vulnerability from cvelistv5 – Published: 2004-12-05 05:00 – Updated: 2024-08-08 00:39
VLAI
Summary
Cross-site scripting (XSS) vulnerability in admin.asp in CMailServer 5.2 allows remote attackers to execute arbitrary web script or HTML via personal information fields, such as (1) username, (2) name, or (3) comments.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://marc.info/?l=bugtraq&m=110137313329955&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/11742 | vdb-entryx_refsource_BID |
| http://www.security.org.sg/vuln/cmailserver52.html | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2004-11-24 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:00.898Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20041124 [SIG^2 G-TEC] CMailServer WebMail v5.2 Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110137313329955\u0026w=2"
},
{
"name": "11742",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11742"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.security.org.sg/vuln/cmailserver52.html"
},
{
"name": "cmailserver-adminasp-xss(18280)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18280"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in admin.asp in CMailServer 5.2 allows remote attackers to execute arbitrary web script or HTML via personal information fields, such as (1) username, (2) name, or (3) comments."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20041124 [SIG^2 G-TEC] CMailServer WebMail v5.2 Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110137313329955\u0026w=2"
},
{
"name": "11742",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11742"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.security.org.sg/vuln/cmailserver52.html"
},
{
"name": "cmailserver-adminasp-xss(18280)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18280"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1130",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in admin.asp in CMailServer 5.2 allows remote attackers to execute arbitrary web script or HTML via personal information fields, such as (1) username, (2) name, or (3) comments."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20041124 [SIG^2 G-TEC] CMailServer WebMail v5.2 Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110137313329955\u0026w=2"
},
{
"name": "11742",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11742"
},
{
"name": "http://www.security.org.sg/vuln/cmailserver52.html",
"refsource": "MISC",
"url": "http://www.security.org.sg/vuln/cmailserver52.html"
},
{
"name": "cmailserver-adminasp-xss(18280)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18280"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1130",
"datePublished": "2004-12-05T05:00:00.000Z",
"dateReserved": "2004-12-02T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:39:00.898Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1129 (GCVE-0-2004-1129)
Vulnerability from cvelistv5 – Published: 2004-12-05 05:00 – Updated: 2024-08-08 00:39
VLAI
Summary
SQL injection vulnerability in (1) fdelmail.asp, (2) addressc.asp, and possibly (3) postmail.asp and (4) fmvmail.asp in CMailServer 5.2 allow remote attackers to inject arbitrary SQL commands and delete mail metadata or e-mail addresses of contacts via the indexOfMail parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://marc.info/?l=bugtraq&m=110137313329955&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/11742 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.security.org.sg/vuln/cmailserver52.html | x_refsource_MISC |
Date Public
2004-11-24 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:00.864Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20041124 [SIG^2 G-TEC] CMailServer WebMail v5.2 Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110137313329955\u0026w=2"
},
{
"name": "11742",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11742"
},
{
"name": "cmailserver-fdelmail-addressc-sql-injection(18281)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18281"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.security.org.sg/vuln/cmailserver52.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in (1) fdelmail.asp, (2) addressc.asp, and possibly (3) postmail.asp and (4) fmvmail.asp in CMailServer 5.2 allow remote attackers to inject arbitrary SQL commands and delete mail metadata or e-mail addresses of contacts via the indexOfMail parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20041124 [SIG^2 G-TEC] CMailServer WebMail v5.2 Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110137313329955\u0026w=2"
},
{
"name": "11742",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11742"
},
{
"name": "cmailserver-fdelmail-addressc-sql-injection(18281)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18281"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.security.org.sg/vuln/cmailserver52.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1129",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in (1) fdelmail.asp, (2) addressc.asp, and possibly (3) postmail.asp and (4) fmvmail.asp in CMailServer 5.2 allow remote attackers to inject arbitrary SQL commands and delete mail metadata or e-mail addresses of contacts via the indexOfMail parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20041124 [SIG^2 G-TEC] CMailServer WebMail v5.2 Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110137313329955\u0026w=2"
},
{
"name": "11742",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11742"
},
{
"name": "cmailserver-fdelmail-addressc-sql-injection(18281)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18281"
},
{
"name": "http://www.security.org.sg/vuln/cmailserver52.html",
"refsource": "MISC",
"url": "http://www.security.org.sg/vuln/cmailserver52.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1129",
"datePublished": "2004-12-05T05:00:00.000Z",
"dateReserved": "2004-12-02T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:39:00.864Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0280 (GCVE-0-2003-0280)
Vulnerability from cvelistv5 – Published: 2003-05-14 04:00 – Updated: 2024-08-08 01:50
VLAI
Summary
Multiple buffer overflows in the SMTP Service for ESMTP CMailServer 4.0.2003.03.27 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/7548 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/bid/7547 | vdb-entryx_refsource_BID |
| http://marc.info/?l=bugtraq&m=105258772101349&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://archives.neohapsis.com/archives/vulnwatch/… | mailing-listx_refsource_VULNWATCH |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2003-05-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:50:47.601Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "7548",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7548"
},
{
"name": "7547",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7547"
},
{
"name": "20030510 Multiple Buffer Overflow Vulnerabilities Found in CMailServer 4.0",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105258772101349\u0026w=2"
},
{
"name": "20030510 Multiple Buffer Overflow Vulnerabilities Found in CMailServer 4.0",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0062.html"
},
{
"name": "cmailserver-smtp-bo(11975)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11975"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-05-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the SMTP Service for ESMTP CMailServer 4.0.2003.03.27 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "7548",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7548"
},
{
"name": "7547",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7547"
},
{
"name": "20030510 Multiple Buffer Overflow Vulnerabilities Found in CMailServer 4.0",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105258772101349\u0026w=2"
},
{
"name": "20030510 Multiple Buffer Overflow Vulnerabilities Found in CMailServer 4.0",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0062.html"
},
{
"name": "cmailserver-smtp-bo(11975)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11975"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0280",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in the SMTP Service for ESMTP CMailServer 4.0.2003.03.27 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "7548",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7548"
},
{
"name": "7547",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7547"
},
{
"name": "20030510 Multiple Buffer Overflow Vulnerabilities Found in CMailServer 4.0",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=105258772101349\u0026w=2"
},
{
"name": "20030510 Multiple Buffer Overflow Vulnerabilities Found in CMailServer 4.0",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0062.html"
},
{
"name": "cmailserver-smtp-bo(11975)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11975"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0280",
"datePublished": "2003-05-14T04:00:00.000Z",
"dateReserved": "2003-05-12T00:00:00.000Z",
"dateUpdated": "2024-08-08T01:50:47.601Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0799 (GCVE-0-2002-0799)
Vulnerability from cvelistv5 – Published: 2002-07-26 04:00 – Updated: 2024-08-08 03:03
VLAI
Summary
Buffer overflow in YoungZSoft CMailServer 3.30 allows remote attackers to execute arbitrary code via a long USER argument.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.iss.net/security_center/static/9132.php | vdb-entryx_refsource_XF |
| http://online.securityfocus.com/archive/1/273512 | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/4789 | vdb-entryx_refsource_BID |
Date Public
2002-05-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:03:48.912Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cmailserver-user-bo(9132)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9132.php"
},
{
"name": "20020521 YoungZSoft CMailServer overflow, PATCH + WAREZ!@#!",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/273512"
},
{
"name": "4789",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4789"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-05-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in YoungZSoft CMailServer 3.30 allows remote attackers to execute arbitrary code via a long USER argument."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-07-31T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "cmailserver-user-bo(9132)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9132.php"
},
{
"name": "20020521 YoungZSoft CMailServer overflow, PATCH + WAREZ!@#!",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/273512"
},
{
"name": "4789",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4789"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0799",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in YoungZSoft CMailServer 3.30 allows remote attackers to execute arbitrary code via a long USER argument."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "cmailserver-user-bo(9132)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9132.php"
},
{
"name": "20020521 YoungZSoft CMailServer overflow, PATCH + WAREZ!@#!",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/273512"
},
{
"name": "4789",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4789"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0799",
"datePublished": "2002-07-26T04:00:00.000Z",
"dateReserved": "2002-07-25T00:00:00.000Z",
"dateUpdated": "2024-08-08T03:03:48.912Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}