GHSA-G47V-RWMH-R9F8 eml_parser has recursion DoS via nested message/rfc822 attachments

Summary EmlParser.getrawbodytext recurses unconditionally for every nested message/rfc822 attachment without any depth limit. An attacker who can supply a badly crafted EML file with approximately 120 nested message/rfc822 parts triggers an unhandled RecursionError and aborts parsing of the...

CVE-2026-26312

Stalwart is a mail and collaboration server. A denial-of-service vulnerability exists in Stalwart Mail Server versions 0.13.0 through 0.15.4 where accessing a specially crafted email containing malformed nested message/rfc822 MIME parts via IMAP or JMAP causes excessive CPU and memory consumption...

Format string

An issue was discovered in Enigmail before 1.9.9. Signature spoofing is possible because the UI does not properly distinguish between an attachment signature, and a signature that applies to the entire containing message, aka TBE-01-021. This is demonstrated by an e-mail message with an attachmen...

CVE-2017-17847

An issue was discovered in Enigmail before 1.9.9. Signature spoofing is possible because the UI does not properly distinguish between an attachment signature, and a signature that applies to the entire containing message, aka TBE-01-021. This is demonstrated by an e-mail message with an attachmen...

CVE-2017-17847

An issue was discovered in Enigmail before 1.9.9. Signature spoofing is possible because the UI does not properly distinguish between an attachment signature, and a signature that applies to the entire containing message, aka TBE-01-021. This is demonstrated by an e-mail message with an attachmen...

Fedora 22 : roundcubemail-1.1.4-2.fc22 (2015-431d39fbff)

Release 1.1.4 - Add workaround for https://bugs.php.net/bug.php?id=70757 1490582 - Fix duplicate messages in list and wrong count after delete 1490572 - Fix so Installer requires PHP5 - Make brute-force attacks harder by re-generating security token on every failed login 1490549 - Slow down brute...

Microsoft Outlook Express Malformed MIME Message DoS Vulnerability

The host is installed with Microsoft Outlook Express and is prone to denial of service vulnerability. OpenVAS Vulnerability Test $Id: gbmsoutlookexpressdosvuln.nasl 5370 2017-02-20 15:24:26Z cfi $ Microsoft Outlook Express Malformed MIME Message DoS Vulnerability Authors: Chandan S Copyright:...

NOD32 Email Message Denial of Service Vulnerability

This host is installed with NOD32 Antivirus and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: gbnod32emailmessagedos.nasl 5370 2017-02-20 15:24:26Z cfi $ NOD32 E-mail message Denial of Service Vulnerability Authors: Sujit Ghosal Copyright: Copyright c 2008 Greenbone...

Opera Web Browser DoS attacks on MIME via malformed MIME emails (Windows)

The host is installed with Opera Web Browser and is prone to denial of service vulnerability. OpenVAS Vulnerability Test $Id: gboperamimedosvulnwin.nasl 6532 2017-07-05 07:42:05Z cfischer $ Opera Web Browser DoS attacks on MIME via malformed MIME emails Windows Authors: Chandan S Copyright:...

Design/Logic Flaw

The MimeOleClearDirtyTree function in InetComm.dll in Microsoft Outlook Express 6.00.2900.5512 does not properly handle 1 multipart/mixed e-mail messages with many MIME parts and possibly 2 e-mail messages with many "Content-type: message/rfc822;" headers, which allows remote attackers to cause a...