Mailenable
by MailEnable
CVEs (75)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2006-6290 | 0.00 | — | 0.03 | Dec 5, 2006 | Multiple stack-based buffer overflows in the IMAP module (MEIMAPS.EXE) in MailEnable Professional 1.6 through 1.82 and 2.0 through 2.33, and MailEnable Enterprise 1.1 through 1.30 and 2.0 through 2.33 allow remote authenticated users to cause a denial of service (crash) or… | |||
| CVE-2006-6291 | 0.00 | — | 0.03 | Dec 5, 2006 | Stack overflow in the IMAP module (MEIMAPS.EXE) in MailEnable Professional 1.6 through 1.83 and 2.0 through 2.33, and MailEnable Enterprise 1.1 through 1.40 and 2.0 through 2.33, allows remote authenticated users to cause a denial of service (crash) via a long argument… | |||
| CVE-2006-5176 | 0.00 | — | 0.05 | Oct 10, 2006 | Buffer overflow in NTLM authentication in MailEnable Professional 2.0 and Enterprise 2.0 allows remote attackers to execute arbitrary code via "the signature field of NTLM Type 1 messages". | |||
| CVE-2006-4616 | 0.00 | — | 0.03 | Sep 7, 2006 | SMTP service in MailEnable Standard, Professional, and Enterprise before ME-10014 (20060904) allows remote attackers to cause a denial of service via an SPF lookup for a domain with a large number of records, which triggers a null pointer exception. | |||
| CVE-2006-1792 | 0.00 | — | 0.02 | Apr 15, 2006 | Unspecified vulnerability in the POP service in MailEnable Standard Edition before 1.94, Professional Edition before 1.74, and Enterprise Edition before 1.22 has unknown attack vectors and impact related to "authentication exploits". NOTE: this is a different set of affected… | |||
| CVE-2006-1338 | 0.00 | — | 0.02 | Mar 21, 2006 | Webmail in MailEnable Professional Edition before 1.73 and Enterprise Edition before 1.21 allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors involving "incorrectly encoded quoted-printable emails". | |||
| CVE-2006-1337 | 0.00 | — | 0.05 | Mar 21, 2006 | Buffer overflow in the POP 3 (POP3) service in MailEnable Standard Edition before 1.93, Professional Edition before 1.73, and Enterprise Edition before 1.21 allows remote attackers to execute arbitrary code via unknown vectors before authentication. | |||
| CVE-2006-0504 | 0.00 | — | 0.03 | Feb 1, 2006 | Unspecified vulnerability in MailEnable Enterprise Edition before 1.2 allows remote attackers to cause a denial of service (CPU utilization) by viewing "formatted quoted-printable emails" via webmail. | |||
| CVE-2005-4457 | 0.00 | — | 0.03 | Dec 21, 2005 | MailEnable Enterprise 1.1 before patch ME-10009 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via several "..." (triple dot) sequences in a UID FETCH command. | |||
| CVE-2005-3993 | 0.00 | — | 0.01 | Dec 5, 2005 | Multiple unspecified vulnerabilities in MailEnable Professional 1.6 and earlier and Enterprise 1.1 and earlier allow attackers to cause a denial of service (crash) via invalid IMAP commands. | |||
| CVE-2005-3690 | 0.00 | — | 0.05 | Nov 19, 2005 | Stack-based buffer overflow in the IMAP service (meimaps.exe) of MailEnable Professional 1.6 and earlier and Enterprise 1.1 and earlier allows remote attackers to execute arbitrary code via a long mailbox name in the (1) select, (2) create, (3) delete, (4) rename, (5) subscribe,… | |||
| CVE-2005-1781 | 0.00 | — | 0.02 | May 31, 2005 | Unknown vulnerability in SMTP authentication for MailEnable allows remote attackers to cause a denial of service (crash). | |||
| CVE-2005-1014 | 0.00 | — | 0.05 | May 2, 2005 | Buffer overflow in the IMAP service for MailEnable Enterprise 1.04 and earlier and Professional 1.54 allows remote attackers to execute arbitrary code via a long AUTHENTICATE command. | |||
| CVE-2004-2726 | 0.00 | — | 0.03 | Dec 31, 2004 | HTTPMail service in MailEnable Professional 1.18 does not properly handle arguments to the Authorization header, which allows remote attackers to cause a denial of service (null dereference and application crash). NOTE: This is a different vulnerability than CVE-2005-1348. | |||
| CVE-2004-2194 | 0.00 | — | 0.02 | Dec 31, 2004 | MailEnable Professional Edition before 1.53 and Enterprise Edition before 1.02 allows remote attackers to cause a denial of service (crash) via malformed (1) SMTP or (2) IMAP commands. |
- CVE-2006-6290Dec 5, 2006risk 0.00cvss —epss 0.03
Multiple stack-based buffer overflows in the IMAP module (MEIMAPS.EXE) in MailEnable Professional 1.6 through 1.82 and 2.0 through 2.33, and MailEnable Enterprise 1.1 through 1.30 and 2.0 through 2.33 allow remote authenticated users to cause a denial of service (crash) or…
- CVE-2006-6291Dec 5, 2006risk 0.00cvss —epss 0.03
Stack overflow in the IMAP module (MEIMAPS.EXE) in MailEnable Professional 1.6 through 1.83 and 2.0 through 2.33, and MailEnable Enterprise 1.1 through 1.40 and 2.0 through 2.33, allows remote authenticated users to cause a denial of service (crash) via a long argument…
- CVE-2006-5176Oct 10, 2006risk 0.00cvss —epss 0.05
Buffer overflow in NTLM authentication in MailEnable Professional 2.0 and Enterprise 2.0 allows remote attackers to execute arbitrary code via "the signature field of NTLM Type 1 messages".
- CVE-2006-4616Sep 7, 2006risk 0.00cvss —epss 0.03
SMTP service in MailEnable Standard, Professional, and Enterprise before ME-10014 (20060904) allows remote attackers to cause a denial of service via an SPF lookup for a domain with a large number of records, which triggers a null pointer exception.
- CVE-2006-1792Apr 15, 2006risk 0.00cvss —epss 0.02
Unspecified vulnerability in the POP service in MailEnable Standard Edition before 1.94, Professional Edition before 1.74, and Enterprise Edition before 1.22 has unknown attack vectors and impact related to "authentication exploits". NOTE: this is a different set of affected…
- CVE-2006-1338Mar 21, 2006risk 0.00cvss —epss 0.02
Webmail in MailEnable Professional Edition before 1.73 and Enterprise Edition before 1.21 allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors involving "incorrectly encoded quoted-printable emails".
- CVE-2006-1337Mar 21, 2006risk 0.00cvss —epss 0.05
Buffer overflow in the POP 3 (POP3) service in MailEnable Standard Edition before 1.93, Professional Edition before 1.73, and Enterprise Edition before 1.21 allows remote attackers to execute arbitrary code via unknown vectors before authentication.
- CVE-2006-0504Feb 1, 2006risk 0.00cvss —epss 0.03
Unspecified vulnerability in MailEnable Enterprise Edition before 1.2 allows remote attackers to cause a denial of service (CPU utilization) by viewing "formatted quoted-printable emails" via webmail.
- CVE-2005-4457Dec 21, 2005risk 0.00cvss —epss 0.03
MailEnable Enterprise 1.1 before patch ME-10009 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via several "..." (triple dot) sequences in a UID FETCH command.
- CVE-2005-3993Dec 5, 2005risk 0.00cvss —epss 0.01
Multiple unspecified vulnerabilities in MailEnable Professional 1.6 and earlier and Enterprise 1.1 and earlier allow attackers to cause a denial of service (crash) via invalid IMAP commands.
- CVE-2005-3690Nov 19, 2005risk 0.00cvss —epss 0.05
Stack-based buffer overflow in the IMAP service (meimaps.exe) of MailEnable Professional 1.6 and earlier and Enterprise 1.1 and earlier allows remote attackers to execute arbitrary code via a long mailbox name in the (1) select, (2) create, (3) delete, (4) rename, (5) subscribe,…
- CVE-2005-1781May 31, 2005risk 0.00cvss —epss 0.02
Unknown vulnerability in SMTP authentication for MailEnable allows remote attackers to cause a denial of service (crash).
- CVE-2005-1014May 2, 2005risk 0.00cvss —epss 0.05
Buffer overflow in the IMAP service for MailEnable Enterprise 1.04 and earlier and Professional 1.54 allows remote attackers to execute arbitrary code via a long AUTHENTICATE command.
- CVE-2004-2726Dec 31, 2004risk 0.00cvss —epss 0.03
HTTPMail service in MailEnable Professional 1.18 does not properly handle arguments to the Authorization header, which allows remote attackers to cause a denial of service (null dereference and application crash). NOTE: This is a different vulnerability than CVE-2005-1348.
- CVE-2004-2194Dec 31, 2004risk 0.00cvss —epss 0.02
MailEnable Professional Edition before 1.53 and Enterprise Edition before 1.02 allows remote attackers to cause a denial of service (crash) via malformed (1) SMTP or (2) IMAP commands.
Page 4 of 4