VYPR

Denbun IMAP

by NEOJAPAN Inc.

CVEs (7)

  • CVE-2018-0684CriNov 15, 2018
    risk 0.64cvss 9.8epss 0.04

    Buffer overflow in Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R3.0 and earlier, Denbun IMAP version V3.3I R3.0 and earlier) allows remote attackers to execute arbitrary code or cause a denial-of-service (DoS) condition via multipart/form-data format data.

  • CVE-2018-0683CriNov 15, 2018
    risk 0.64cvss 9.8epss 0.04

    Buffer overflow in Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) allows remote attackers to execute arbitrary code or cause a denial-of-service (DoS) condition via Cookie data.

  • CVE-2018-0682CriNov 15, 2018
    risk 0.64cvss 9.8epss 0.02

    Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) does not properly manage sessions, which allows remote attackers to read/send mail or change the configuration via unspecified vectors.

  • CVE-2018-0681CriNov 15, 2018
    risk 0.64cvss 9.8epss 0.02

    Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) uses hard-coded credentials, which may allow remote attackers to login to the Management page and change the configuration.

  • CVE-2018-0680CriNov 15, 2018
    risk 0.64cvss 9.8epss 0.02

    Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) uses hard-coded credentials, which may allow remote attackers to read/send mail or change the configuration.

  • CVE-2018-0686HigNov 15, 2018
    risk 0.57cvss 8.8epss 0.01

    Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) allows remote authenticated attackers to upload and execute any executable files via unspecified vectors.

  • CVE-2018-0687MedNov 15, 2018
    risk 0.40cvss 6.1epss 0.01

    Cross-site scripting vulnerability in Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.