Mailenable Professional@1.6 Security Vulnerabilities and Issues — Mailenable Professional@1.6 CVE List

Lucene search

MailenableMailenable Professional1.6

9 matches found

CVE•added 2006/04/15 10:2 a.m.•48 views

CVE-2006-1792

Unspecified vulnerability in the POP service in MailEnable Standard Edition before 1.94, Professional Edition before 1.74, and Enterprise Edition before 1.22 has unknown attack vectors and impact related to "authentication exploits". NOTE: this is a different set of affected versions, and probably ...

10CVSS6.2AI score0.02884EPSS

CVE•added 2007/02/15 11:28 p.m.•44 views

CVE-2007-0652

Cross-site request forgery (CSRF) vulnerability in MailEnable Professional before 2.37 allows remote attackers to modify arbitrary configurations and perform unauthorized actions as arbitrary users via a link or IMG tag.

5.1CVSS6.9AI score0.02105EPSS

CVE•added 2005/10/05 11:2 p.m.•43 views

CVE-2005-3155

Buffer overflow in the W3C logging for MailEnable Enterprise 1.1 and Professional 1.6 allows remote attackers to execute arbitrary code.

7.5CVSS7.5AI score0.86484EPSS

CVE•added 2006/02/01 10:2 p.m.•43 views

CVE-2006-0503

IMAP service in MailEnable Professional Edition before 1.72 allows remote attackers to cause a denial of service (service crash) via unspecified vectors involving the EXAMINE command.

5CVSS6.6AI score0.0417EPSS

CVE•added 2006/03/21 2:6 a.m.•41 views

CVE-2006-1338

Webmail in MailEnable Professional Edition before 1.73 and Enterprise Edition before 1.21 allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors involving "incorrectly encoded quoted-printable emails".

5CVSS6.6AI score0.03697EPSS

CVE•added 2006/06/28 10:5 p.m.•41 views

CVE-2006-3277

The SMTP service of MailEnable Standard 1.92 and earlier, Professional 2.0 and earlier, and Enterprise 2.0 and earlier before the MESMTPC hotfix, allows remote attackers to cause a denial of service (application crash) via a HELO command with a null byte in the argument, possibly triggering a lengt...

5CVSS6.9AI score0.17591EPSS

CVE•added 2006/12/12 8:28 p.m.•39 views

CVE-2006-6484

The IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.34, Professional Edition 1.6 through 1.83, and Enterprise Edition 1.1 through 1.40 allows remote attackers to cause a denial of service (crash) via unspecified vectors that trigger a null pointer dereference, as addre...

5CVSS6.5AI score0.3773EPSS

CVE•added 2006/12/05 11:28 a.m.•38 views

CVE-2006-6290

Multiple stack-based buffer overflows in the IMAP module (MEIMAPS.EXE) in MailEnable Professional 1.6 through 1.82 and 2.0 through 2.33, and MailEnable Enterprise 1.1 through 1.30 and 2.0 through 2.33 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrar...

6.5CVSS7.6AI score0.02182EPSS

CVE•added 2007/02/15 11:28 p.m.•35 views

CVE-2007-0651

Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Professional before 2.37 allow remote attackers to inject arbitrary Javascript script via (1) e-mail messages and (2) the ID parameter to (a) right.asp, (b) Forms/MAI/list.asp, and (c) Forms/VCF/list.asp in mewebmail/base/default/lan...

4.3CVSS5.9AI score0.02758EPSS