Kerio Mailserver Security Vulnerabilities and Issues — Kerio Mailserver CVE List

Lucene search

KerioKerio Mailserver

3 matches found

CVE•added 2011/03/22 5:55 p.m.•77 views

CVE-2011-1506

The STARTTLS implementation in Kerio Connect 7.1.4 build 2985 and MailServer 6.x does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "p...

6.8CVSS6.7AI score0.6945EPSS

CVE•added 2003/04/11 4:0 a.m.•47 views

CVE-2002-1434

Multiple cross-site scripting (XSS) vulnerabilities in the Web mail module of Kerio MailServer 5.0 allow remote attackers to execute HTML script as other users via certain URLs.

6.8CVSS5.9AI score0.00879EPSS

CVE•added 2006/05/05 12:46 p.m.•32 views

CVE-2006-2203

Unspecified vulnerability in Kerio MailServer before 6.1.4 has unknown impact and remote attack vectors related to a "possible bypass of attachment filter."

6.4CVSS6.6AI score0.00396EPSS