Netmail@3.5.2 Security Vulnerabilities and Issues — Netmail@3.5.2 CVE List

Lucene search

NovellNetmail3.5.2

11 matches found

CVE•added 2006/06/05 6:0 p.m.•49 views

CVE-2005-1976

Novell NetMail 3.5.2a, 3.5.2b, and 3.5.2c, when running on Linux, sets the owner and group ID to 500 for certain files, which could allow users or groups with that ID to execute arbitrary code or cause a denial of service by modifying those files.

1.7CVSS8.1AI score0.00071EPSS

CVE•added 2005/11/18 10:3 p.m.•47 views

CVE-2005-3314

Stack-based buffer overflow in the IMAP daemon in Novell Netmail 3.5.2 allows remote attackers to execute arbitrary code via "long verb arguments."

7.5CVSS7.9AI score0.83419EPSS

CVE•added 2006/12/27 2:28 a.m.•45 views

CVE-2006-6762

The IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to cause a denial of service via an APPEND command with a single "(" (parenthesis) in the argument.

4CVSS6.4AI score0.01096EPSS

CVE•added 2005/06/15 4:0 a.m.•43 views

CVE-2005-1758

Buffer overflow in the IMAP command continuation function in Novell NetMail 3.52 before 3.52C may allow remote attackers to execute arbitrary code.

7.5CVSS7.8AI score0.24528EPSS

CVE•added 2005/06/15 4:0 a.m.•42 views

CVE-2005-1756

Cross-site scripting (XSS) vulnerability in the ModWeb agent for Novell NetMail 3.52 before 3.52C allows remote attackers to inject arbitrary web script or HTML via calendar display fields.

4.3CVSS6AI score0.01166EPSS

CVE•added 2005/06/15 4:0 a.m.•41 views

CVE-2005-1757

Buffer overflow in the Modweb agent for Novell NetMail 3.52 before 3.52C, when renaming folders, may allow attackers to execute arbitrary code.

7.5CVSS7.9AI score0.02041EPSS

CVE•added 2005/07/09 4:0 a.m.•41 views

CVE-2005-2176

Novell NetMail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers to conduct web-based attacks and steal cookies.

6.4CVSS6.9AI score0.04325EPSS

CVE•added 2007/12/10 7:46 p.m.•40 views

CVE-2007-6302

Multiple heap-based buffer overflows in avirus.exe in Novell NetMail 3.5.2 before Messaging Architects M+NetMail 3.52f (aka 3.5.2F) allows remote attackers to execute arbitrary code via unspecified ASCII integers used as memory allocation arguments, aka "ZDI-CAN-162."

6.8CVSS7.9AI score0.17335EPSS

CVE•added 2005/10/20 10:2 a.m.•39 views

CVE-2005-2469

Stack-based buffer overflow in the NMAP Agent for Novell NetMail 3.52C and possibly earlier versions allows local users to execute arbitrary code via a long user name in the USER command.

4.6CVSS8.1AI score0.00141EPSS

CVE•added 2006/12/27 2:28 a.m.•36 views

CVE-2006-6761

Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via a long argument to the SUBSCRIBE command.

6.5CVSS7.7AI score0.45703EPSS

CVE•added 2007/03/08 10:19 p.m.•35 views

CVE-2007-1350

Stack-based buffer overflow in webadmin.exe in Novell NetMail 3.5.2 allows remote attackers to execute arbitrary code via a long username during HTTP Basic authentication.

6.8CVSS7.8AI score0.65623EPSS