5 matches found
PT-2022-19880 · Open Xchange · Ox App Suite
Name of the Vulnerable Software and Affected Versions: OX App Suite versions through 8.2 Description: The issue allows for XSS via a certain complex hierarchy that forces the use of Show Entire Message for a huge HTML e-mail message. Recommendations: For OX App Suite versions through 8.2, conside...
Code injection
MDaemon Email Server 19 through 20.0.1 skips SpamAssassin checks by default for e-mail messages larger than 2 MB and limits checks to 10 MB even with special configuration, which is arguably inconsistent with currently popular message sizes. This might interfere with risk management for malicious...
CVE-2008-5430
Mozilla Thunderbird 2.0.14 does not properly handle 1 multipart/mixed e-mail messages with many MIME parts and possibly 2 e-mail messages with many "Content-type: message/rfc822;" headers, which might allow remote attackers to cause a denial of service stack consumption or other resource...
Design/Logic Flaw
Incredimail build 5853710 does not properly handle 1 multipart/mixed e-mail messages with many MIME parts and possibly 2 e-mail messages with many "Content-type: message/rfc822;" headers, which allows remote attackers to cause a denial of service stack consumption or other resource consumption vi...
CVE-2008-5429
Incredimail build 5853710 does not properly handle 1 multipart/mixed e-mail messages with many MIME parts and possibly 2 e-mail messages with many "Content-type: message/rfc822;" headers, which allows remote attackers to cause a denial of service stack consumption or other resource consumption vi...