Lucene search
K
MailenableMailenable Professional

33 matches found

CVE
CVE
added 2005/04/28 4:0 a.m.76 views

CVE-2005-1348

CVE-2005-1348 corresponds to a buffer overflow in MailEnable’s HTTPMail service. Concrete details: affected products are MailEnable Enterprise (versions 1.04 and earlier) and MailEnable Professional (versions 1.54 and earlier). The overflow occurs via a long HTTP Authorization header, allowing a ...

7.5CVSS7.7AI score0.72622EPSS
CVE
CVE
added 2005/11/19 1:0 a.m.73 views

CVE-2005-3690

Affected software: MailEnable Professional 1.6 and earlier; MailEnable Enterprise 1.1 and earlier (IMAP server meimaps.exe). Issue: Stack-based buffer overflow when processing overly long mailbox names in IMAP commands (SELECT, CREATE, DELETE, RENAME, SUBSCRIBE, UNSUBSCRIBE), allowing remote atta...

7.5CVSS7.9AI score0.05174EPSS
CVE
CVE
added 2008/03/10 11:0 p.m.70 views

CVE-2008-1275

Technical details (affected products, exact vulnerability mechanisms, and remediation) are not publicly provided in the supplied documents. Monitor for updates as new information may be released.

7.8CVSS7AI score0.04045EPSS
CVE
CVE
added 2005/10/25 4:0 a.m.65 views

CVE-2004-2501

CVE-2004-2501 describes a stack-based buffer overflow in MailEnable’s IMAP service (Professional 1.52 and Enterprise 1.01 and earlier). The vulnerability arises from improper boundary/IMAP data handling, allowing an unauthenticated remote attacker to cause a crash or execute arbitrary code by sen...

7.5CVSS7.8AI score0.14061EPSS
CVE
CVE
added 2005/07/12 4:0 a.m.62 views

CVE-2005-2223

CVE-2005-2223 affects the MailEnable SMTP service. Public docs indicate an unknown vulnerability in MailEnable Standard before 1.9 and Professional before 1.6 that allows remote attackers to cause a denial of service (crash) during authentication. Red Hat records echo the unknown vulnerability, a...

5CVSS6.6AI score0.50805EPSS
CVE
CVE
added 2006/04/15 10:0 a.m.61 views

CVE-2006-1792

CVE-2006-1792 pertains to MailEnable’s POP service with affected versions: Standard Edition before 1.94, Professional Edition before 1.74, and Enterprise Edition before 1.22. The vulnerability is described as unspecified with unknown attack vectors and impact related to “authentication exploits.”...

10CVSS6.2AI score0.0185EPSS
CVE
CVE
added 2005/05/31 4:0 a.m.60 views

CVE-2005-1781

CVE-2005-1781 affects MailEnable SMTP authentication. The vulnerability is a buffer overflow in handling the AUTH LOGIN command, allowing a remote unauthenticated attacker to terminate the service or potentially execute arbitrary code with SYSTEM privileges. Impact includes denial of service and ...

5CVSS6.7AI score0.01768EPSS
CVE
CVE
added 2005/10/05 4:0 a.m.60 views

CVE-2005-3155

CVE-2005-3155 concerns a buffer overflow in the W3C logging functionality of MailEnable IMAPD. Publicly documented impact indicates remote code execution against MailEnable Professional 1.6 and earlier and MailEnable Enterprise 1.1 and earlier. Exploit references (Metasploit module and SAINT/pack...

7.5CVSS7.5AI score0.63694EPSS
Web
CVE
CVE
added 2005/07/10 4:0 a.m.57 views

CVE-2004-2194

CVE-2004-2194 – MailEnable DoS . Affected: MailEnable Professional Edition < 1.53 and Enterprise Edition

5CVSS6.7AI score0.02063EPSS
CVE
CVE
added 2005/04/08 4:0 a.m.56 views

CVE-2005-1014

MailEnable’s IMAP service is affected on Enterprise 1.04 and earlier and Professional 1.54 by a buffer overflow triggered by a long AUTHENTICATE command. This allows remote arbitrary code execution (no authentication required per CVSS vector). Impact is described as partial confidentiality, integ...

7.5CVSS8AI score0.04885EPSS
CVE
CVE
added 2006/12/12 2:0 a.m.56 views

CVE-2006-6423

MailEnable IMAPD vulnerable in Enterprise/Professional editions (2.0–2.35 for Pro; 1.1–1.41/1.84 for various branches; 2.0–2.35), with a stack-based buffer overflow in the IMAP Login command that allows remote code execution via a crafted parameter and a long string in a pre-authenticated request...

10CVSS7.9AI score0.67042EPSS
CVE
CVE
added 2005/04/08 4:0 a.m.55 views

CVE-2005-1013

CVE-2005-1013 affects MailEnable Enterprise 1.04 and earlier and MailEnable Professional 1.54 and earlier. The issue is a denial-of-service via an EHLO command containing a Unicode string, which can crash the SMTP service. Connected documents corroborate a MailEnable SMTP DoS vector related to ma...

5CVSS6.8AI score0.05723EPSS
CVE
CVE
added 2005/07/17 4:0 a.m.54 views

CVE-2005-2278

The CVE-2005-2278 issue affects MailEnable Professional IMAPD 1.54. A stack-based buffer overflow occurs in the IMAP STATUS command when handling long mailbox names, exploitable by an authenticated remote user to execute arbitrary code. Valid exploits are evidenced by multiple sources (Metasploit...

7.2CVSS7.6AI score0.8464EPSS
CVE
CVE
added 2006/02/01 10:0 p.m.54 views

CVE-2006-0503

Summary of CVE-2006-0503 : The IMAP server in MailEnable Professional Edition prior to 1.72 is vulnerable to a remote denial of service via certain EXAMINE commands. Exploitation results in a service crash, affecting the MailEnable IMAP service. Remediation: upgrade to MailEnable Professional Edi...

5CVSS6.6AI score0.02302EPSS
CVE
CVE
added 2007/02/15 11:0 p.m.54 views

CVE-2007-0652

CVE-2007-0652 describes a CSRF vulnerability in MailEnable Professional prior to version 2.37 . An attacker can leverage a crafted link or IMG tag to cause an authenticated user to perform unauthorized actions, effectively allowing the attacker to modify arbitrary configurations and act as arbitr...

5.1CVSS6.9AI score0.01573EPSS
CVE
CVE
added 2005/11/26 2:0 a.m.52 views

CVE-2005-3813

The CVE-2005-3813 entry concerns MailEnable’s IMAP service (meimaps.exe) in MailEnable Professional 1.7 and Enterprise 1.1. The vulnerability arises from incorrect handling of mailbox names during the RENAME command, allowing an authenticated remote attacker to trigger a denial of service (IMAP s...

4CVSS6.3AI score0.03563EPSS
CVE
CVE
added 2006/03/21 2:0 a.m.51 views

CVE-2006-1338

CVE-2006-1338 affects MailEnable Webmail in Professional Edition before 1.73 and Enterprise Edition before 1.21. The vulnerability allows remote attackers to cause a denial of service through CPU consumption by handling specially crafted quoted-printable emails in the webmail interface (vectors a...

5CVSS6.6AI score0.02377EPSS
CVE
CVE
added 2006/06/28 10:0 p.m.51 views

CVE-2006-3277

Summary: CVE-2006-3277 affects MailEnable's SMTP service (Standard 1.92 and earlier; Professional 2.0 and earlier; Enterprise 2.0 and earlier) prior to the MESMTPC hotfix. A remote attacker can trigger a denial-of-service (application crash) by sending a HELO command containing a null byte, poten...

5CVSS6.9AI score0.05995EPSS
CVE
CVE
added 2006/10/06 12:0 a.m.51 views

CVE-2006-5177

MailEnable Professional 2.0 and Enterprise 2.0 NTLM authentication is vulnerable. Remote attackers can craft base64 NTLM messages to trigger a buffer over-read, enabling arbitrary code execution or a denial of service via NTLM Type 1/Type 3 messages. The vulnerability affects the SMTP/NTLM handli...

9.3CVSS8.2AI score0.07057EPSS
CVE
CVE
added 2006/12/12 8:0 p.m.51 views

CVE-2006-6484

CVE-2006-6484 affects MailEnable’s IMAP service in Professional/Enterprise Editions (versions 2.0–2.34; 1.1–1.40 ranges as listed) and causes a crash (DoS) via vectors that trigger a null pointer dereference. A hotfix ME-10023 addresses this issue; it is noted to be a separate issue from CVE-2006...

5CVSS6.5AI score0.02849EPSS
CVE
CVE
added 2007/03/07 12:0 a.m.51 views

CVE-2007-1301

CVE-2007-1301 describes a stack-based buffer overflow in the IMAP service of MailEnable Enterprise and Professional Editions

9CVSS7.5AI score0.1217EPSS
CVE
CVE
added 2006/12/19 7:0 p.m.50 views

CVE-2006-6605

This CVE (CVE-2006-6605) affects MailEnable POP3 service: a stack-based buffer overflow in handling the PASS command allows remote, unauthenticated attackers to execute arbitrary code. A boundary/overflow occurs when processing an overly long PASS argument, potentially enabling code execution wit...

10CVSS7.8AI score0.05844EPSS
CVE
CVE
added 2006/12/05 11:0 a.m.49 views

CVE-2006-6290

CVE-2006-6290 affects MailEnable IMAP server (MEIMAPS.EXE) in MailEnable Professional (versions 1.6–1.82 and 2.0–2.33) and MailEnable Enterprise (1.1–1.30 and 2.0–2.33). The issue is multiple stack-based overflow vulnerabilities in the IMAP service caused by insufficient input handling for mailbo...

6.5CVSS7.6AI score0.03148EPSS
CVE
CVE
added 2007/01/29 4:0 p.m.48 views

CVE-2006-6964

MailEnable Professional prior to v1.78 contains an information disclosure vulnerability: when an administrator edits a user’s settings, a cleartext user password is exposed in the HTML source. This allows remote authenticated administrators to obtain sensitive information. The affected product/co...

4CVSS5.8AI score0.00956EPSS
CVE
CVE
added 2007/02/15 11:0 p.m.48 views

CVE-2007-0651

MailEnable Professional (before 2.37) is affected by CVE-2007-0651 with multiple XSS flaws in the Web Mail Client. The vulnerabilities allow remote injection of arbitrary JavaScript by exploiting unsanitized content in email messages and in the ID parameter for mewebmail/base/default/lang/EN/{rig...

4.3CVSS5.9AI score0.03005EPSS
Web
CVE
CVE
added 2008/03/10 11:0 p.m.48 views

CVE-2008-1276

CVE-2008-1276 affects MailEnable Professional/Enterprise IMAP (MEIMAPS.EXE) up to version 3.13. Multiple buffer overflows allow remote authenticated attackers to execute arbitrary code via long arguments to FETCH, EXAMINE, and UNSUBSCRIBE commands. This is documented in the NVD entry and related ...

9CVSS7.5AI score0.07092EPSS
CVE
CVE
added 2006/09/07 12:0 a.m.47 views

CVE-2006-4616

The CVE-2006-4616 issue affects the MailEnable SMTP service (Standard/Professional/Enterprise), where SPF lookups for domains with large records can trigger a NULL pointer exception in the SMTP service, allowing unauthenticated remote attackers to cause a denial of service. Affected products are ...

5CVSS6.7AI score0.03461EPSS
CVE
CVE
added 2008/03/10 11:0 p.m.47 views

CVE-2008-1277

The CVE-2008-1277 issue affects MailEnable Professional Edition and Enterprise Edition up to version 3.13. The IMAP service (MEIMAPS.exe) is vulnerable when handling the SEARCH and APPEND commands without required arguments, causing a NULL pointer dereference and resulting in a denial of service....

9CVSS6.8AI score0.08255EPSS
CVE
CVE
added 2005/12/20 11:0 a.m.46 views

CVE-2005-4402

CVE-2005-4402 describes a buffer overflow in MailEnable Professional (1.71 and earlier) and MailEnable Enterprise (1.1 and earlier). The root cause is a buffer overflow triggered by a long IMAP EXAMINE command, allowing remote authenticated users to potentially execute arbitrary code. The availab...

6.5CVSS7.8AI score0.04337EPSS
CVE
CVE
added 2005/12/21 11:0 a.m.46 views

CVE-2005-4456

CVE-2005-4456 describes multiple buffer overflows in MailEnable Professional 1.71 and Enterprise 1.1 prior to patch ME-10009, enabling remote attackers to crash the service and possibly execute arbitrary code via long LIST, LSUB, and UID FETCH commands. The description notes these may be alternat...

7.8CVSS7.9AI score0.07136EPSS
CVE
CVE
added 2006/10/06 12:0 a.m.46 views

CVE-2006-5176

MailEnable Professional 2.0 and Enterprise 2.0 are affected by a buffer overflow in NTLM authentication, allowing remote, unauthenticated attackers to execute arbitrary code via the signature field of NTLM Type 1 messages. The issue enables remote code execution or service crash in the MailEnable...

9.3CVSS8.2AI score0.05298EPSS
CVE
CVE
added 2005/07/12 4:0 a.m.42 views

CVE-2005-2222

Technical details about CVE-2005-2222 are not publicly available in the provided documents. Monitor for updates from vendors and security advisories before drawing conclusions on impact or remediation.

10CVSS7AI score0.01376EPSS
CVE
CVE
added 2005/12/05 12:0 a.m.40 views

CVE-2005-3993

CVE-2005-3993 affects MailEnable Professional 1.6 and earlier and MailEnable Enterprise 1.1 and earlier. The issue is multiple unspecified vulnerabilities that allow a denial of service (crash) via invalid IMAP commands. The provided documents do not specify the root cause details, affected versi...

7.8CVSS7.2AI score0.01489EPSS