CVE-2009-3445

CVE-2009-3445 affects Code-Crafters Ability Mail Server before 2.70. The vulnerability allows remote attackers to cause a denial of service (daemon crash) by sending a malformed IMAP4 FETCH command. Multiple sources (NVD, Red Hat, OpenVAS/Nessus entries) corroborate the issue and the affected ver...

CVE-2013-6162

The CVE-2013-6162 entry affects Code-Crafters Ability Mail Server 3.1.1 (Ability Mail Server 2013). The connected sources detail a Stored XSS vulnerability: an attacker can inject arbitrary HTML/JavaScript via the body of an email, with PoCs showing stored XSS in e‑mail content and, in exploits, ...

CVE-2004-2495

The CVE-2004-2495 entry affects Ability Mail Server 1.18, specifically the Webmail, Admin, and SMTP services. The vulnerability allows remote attackers to trigger a denial-of-service via a large number of simultaneous connections, resulting in high CPU usage. The available documents confirm the i...

CVE-2007-6101

CVE-2007-6101 affects Ability Mail Server up to version 2.61 (i.e., before 2.61). The vulnerability arises in two areas: (1) IMAP commands with malformed number list ranges and (2) messages containing a blank string. Both issues can be exploited by remote authenticated users to cause a denial of ...