2 matches found
IceWarp Merak Mail Server < 9.4.2 Multiple Vulnerabilities
IceWarp Merak Mail Server is prone to multiple vulnerabilities. Copyright C 2009 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free softwar...
CVE-2009-1469
IceWarp eMail Server/WebMail Server (before 9.4.2) contains a CRLF injection flaw in Forgot Password handling that can trick users into disclosing credentials. The vulnerability arises from CRLF sequences preceding a Reply-To header in the subject of an XML-driven message, enabling social-enginee...