net-imap vulnerable to command Injection via "raw" arguments to multiple commands

Summary Several Net::IMAP commands accept a raw string argument that is sent to the server without validation or escaping. If this string is derived from user-controlled input, it may contain contain CRLF sequences, which an attacker can use to inject arbitrary IMAP commands. Details Net::IMAP's...

EUVD-2005-4452

Malware in sbrugna...

CVE-2005-4457

MailEnable Enterprise 1.1 before patch ME-10009 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via several "..." triple dot sequences in a UID FETCH command...