2 matches found
CVE-2015-9278
MailEnable before 8.60 allows Privilege Escalation because admin accounts could be created as a consequence of %0A mishandling in AUTH.TAB after a password-change request...
CVE-2015-9278
Summary: MailEnable before 8.60 is vulnerable to privilege escalation due to incorrect handling of the %0A sequence in AUTH.TAB after a password-change request, enabling an attacker to create or modify admin-like accounts. Affected product/versions: MailEnable prior to 8.60. Root cause: mishandli...