Unrated severityNVD Advisory· Published Dec 12, 2006· Updated Apr 23, 2026
CVE-2006-6423
CVE-2006-6423
Description
Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.35, Professional Edition 1.6 through 1.84, and Enterprise Edition 1.1 through 1.41 allows remote attackers to execute arbitrary code via a pre-authentication command followed by a crafted parameter and a long string, as addressed by the ME-10025 hotfix.
Affected products
34cpe:2.3:a:mailenable:mailenable_enterprise:1.15:*:*:*:*:*:*:*+ 32 more
- cpe:2.3:a:mailenable:mailenable_enterprise:1.15:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_enterprise:1.16:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_enterprise:1.17:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_enterprise:1.18:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_enterprise:1.19:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_enterprise:1.21:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_enterprise:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_enterprise:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_enterprise:1.11:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_enterprise:1.12:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_enterprise:1.13:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_enterprise:1.14:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_enterprise:1.22:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_enterprise:1.23:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_enterprise:1.24:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_enterprise:1.25:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_enterprise:1.26:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_enterprise:1.27:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_enterprise:1.28:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_enterprise:1.29:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_enterprise:1.30:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_enterprise:1.31:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_enterprise:1.32:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_enterprise:1.33:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_enterprise:1.34:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_enterprise:1.35:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_enterprise:1.36:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_enterprise:1.37:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_enterprise:1.38:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_enterprise:1.39:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_enterprise:1.40:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_enterprise:1.41:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_enterprise:2.35:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.84:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- secunia.com/secunia_research/2006-73/advisory/nvdPatchVendor Advisory
- www.mailenable.com/hotfix/nvdPatchVendor Advisory
- secunia.com/advisories/23201nvd
- securityreason.com/securityalert/2022nvd
- www.securityfocus.com/archive/1/454075/100/0/threadednvd
- www.securityfocus.com/bid/21492nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/30796nvd
News mentions
0No linked articles in our index yet.