Lucene search

[email protected]NVD:CVE-2006-6291

HistoryDec 05, 2006 - 11:28 a.m.

CVE-2006-6291

2006-12-0511:28:00

CWE-119

[email protected]

web.nvd.nist.gov

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

6.5 Medium

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.8%

JSON

Stack overflow in the IMAP module (MEIMAPS.EXE) in MailEnable Professional 1.6 through 1.83 and 2.0 through 2.33, and MailEnable Enterprise 1.1 through 1.40 and 2.0 through 2.33, allows remote authenticated users to cause a denial of service (crash) via a long argument containing * (asterisk) and ? (question mark) characters to the DELETE command, as addressed by the ME-10020 hotfix.

Affected configurations

NVD

Node

mailenablemailenableRange1.1–1.40enterprise

mailenablemailenableRange1.6–1.83professional

mailenablemailenableRange2.0–2.33enterprise

mailenablemailenableRange2.0–2.33professional

References

secunia.com/advisories/23080

secunia.com/secunia_research/2006-71/advisory/

securitytracker.com/id?1017276

securitytracker.com/id?1017319

www.mailenable.com/hotfix/

www.securityfocus.com/archive/1/453118/100/100/threaded

www.securityfocus.com/bid/21362

www.vupen.com/english/advisories/2006/4778

exchange.xforce.ibmcloud.com/vulnerabilities/30614

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

6.5 Medium

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.8%

JSON

Related for NVD:CVE-2006-6291

cvelist1 cve1 nessus1