Lucene search

[email protected]CVE-2006-6290

HistoryDec 05, 2006 - 11:28 a.m.

CVE-2006-6290

2006-12-0511:28:00

[email protected]

web.nvd.nist.gov

cve-2006-6290

mailenable

buffer overflow

imap

denial of service

code execution

nvd

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

7.6 High

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.5%

JSON

Multiple stack-based buffer overflows in the IMAP module (MEIMAPS.EXE) in MailEnable Professional 1.6 through 1.82 and 2.0 through 2.33, and MailEnable Enterprise 1.1 through 1.30 and 2.0 through 2.33 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a long argument to the (1) EXAMINE or (2) SELECT command.

Affected configurations

NVD

Node

mailenablemailenable_enterpriseMatch1.1

mailenablemailenable_enterpriseMatch1.2

mailenablemailenable_enterpriseMatch1.11

mailenablemailenable_enterpriseMatch1.12

mailenablemailenable_enterpriseMatch1.13

mailenablemailenable_enterpriseMatch1.14

mailenablemailenable_enterpriseMatch1.15

mailenablemailenable_enterpriseMatch1.16

mailenablemailenable_enterpriseMatch1.17

mailenablemailenable_enterpriseMatch1.18

mailenablemailenable_enterpriseMatch1.19

mailenablemailenable_enterpriseMatch1.21

mailenablemailenable_enterpriseMatch1.22

mailenablemailenable_enterpriseMatch1.23

mailenablemailenable_enterpriseMatch1.24

mailenablemailenable_enterpriseMatch1.25

mailenablemailenable_enterpriseMatch1.26

mailenablemailenable_enterpriseMatch1.27

mailenablemailenable_enterpriseMatch1.28

mailenablemailenable_enterpriseMatch1.29

mailenablemailenable_enterpriseMatch1.30

mailenablemailenable_enterpriseMatch2.0

mailenablemailenable_enterpriseMatch2.1

mailenablemailenable_enterpriseMatch2.01

mailenablemailenable_enterpriseMatch2.2

mailenablemailenable_enterpriseMatch2.03

mailenablemailenable_enterpriseMatch2.04

mailenablemailenable_enterpriseMatch2.05

mailenablemailenable_enterpriseMatch2.06

mailenablemailenable_enterpriseMatch2.07

mailenablemailenable_enterpriseMatch2.08

mailenablemailenable_enterpriseMatch2.09

mailenablemailenable_enterpriseMatch2.11

mailenablemailenable_enterpriseMatch2.12

mailenablemailenable_enterpriseMatch2.13

mailenablemailenable_enterpriseMatch2.14

mailenablemailenable_enterpriseMatch2.15

mailenablemailenable_enterpriseMatch2.16

mailenablemailenable_enterpriseMatch2.17

mailenablemailenable_enterpriseMatch2.18

mailenablemailenable_enterpriseMatch2.19

mailenablemailenable_enterpriseMatch2.21

mailenablemailenable_enterpriseMatch2.22

mailenablemailenable_enterpriseMatch2.23

mailenablemailenable_enterpriseMatch2.24

mailenablemailenable_enterpriseMatch2.25

mailenablemailenable_enterpriseMatch2.26

mailenablemailenable_enterpriseMatch2.27

mailenablemailenable_enterpriseMatch2.28

mailenablemailenable_enterpriseMatch2.29

mailenablemailenable_enterpriseMatch2.30

mailenablemailenable_enterpriseMatch2.31

mailenablemailenable_enterpriseMatch2.32

mailenablemailenable_enterpriseMatch2.33

mailenablemailenable_professionalMatch1.6

mailenablemailenable_professionalMatch1.82

mailenablemailenable_professionalMatch2.0

mailenablemailenable_professionalMatch2.33

CPENameOperatorVersion
mailenable:mailenable_enterprisemailenable mailenable enterpriseeq1.1
mailenable:mailenable_enterprisemailenable mailenable enterpriseeq1.2
mailenable:mailenable_enterprisemailenable mailenable enterpriseeq1.11
mailenable:mailenable_enterprisemailenable mailenable enterpriseeq1.12
mailenable:mailenable_enterprisemailenable mailenable enterpriseeq1.13
mailenable:mailenable_enterprisemailenable mailenable enterpriseeq1.14
mailenable:mailenable_enterprisemailenable mailenable enterpriseeq1.15
mailenable:mailenable_enterprisemailenable mailenable enterpriseeq1.16
mailenable:mailenable_enterprisemailenable mailenable enterpriseeq1.17
mailenable:mailenable_enterprisemailenable mailenable enterpriseeq1.18

CPE	Name	Operator	Version
mailenable:mailenable_enterprise	mailenable mailenable enterprise	eq	1.1
mailenable:mailenable_enterprise	mailenable mailenable enterprise	eq	1.2
mailenable:mailenable_enterprise	mailenable mailenable enterprise	eq	1.11
mailenable:mailenable_enterprise	mailenable mailenable enterprise	eq	1.12
mailenable:mailenable_enterprise	mailenable mailenable enterprise	eq	1.13
mailenable:mailenable_enterprise	mailenable mailenable enterprise	eq	1.14
mailenable:mailenable_enterprise	mailenable mailenable enterprise	eq	1.15
mailenable:mailenable_enterprise	mailenable mailenable enterprise	eq	1.16
mailenable:mailenable_enterprise	mailenable mailenable enterprise	eq	1.17
mailenable:mailenable_enterprise	mailenable mailenable enterprise	eq	1.18

Rows per page:

1-10 of 581

References

secunia.com/advisories/23047

secunia.com/advisories/23080

secunia.com/secunia_research/2006-71/advisory/

securitytracker.com/id?1017276

securitytracker.com/id?1017319

www.mailenable.com/hotfix/

www.securityfocus.com/archive/1/453118/100/100/threaded

www.securityfocus.com/bid/21362

www.vupen.com/english/advisories/2006/4673

www.vupen.com/english/advisories/2006/4778

exchange.xforce.ibmcloud.com/vulnerabilities/30614

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

7.6 High

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.5%

JSON

Related for CVE-2006-6290

saint4 cvelist1 nvd1 nessus1 checkpoint_advisories1