Eudora Worldmail
by Qualcomm
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2006-6024 | Cri | 0.64 | 9.8 | 0.01 | Nov 21, 2006 | Multiple buffer overflows in Eudora Worldmail, possibly Worldmail 3 version 6.1.22.0, have unknown impact and attack vectors, as demonstrated by the (1) "Eudora WorldMail stack overflow" and (2) "Eudora WorldMail heap overflow" modules in VulnDisco Pack. NOTE: Some of these… | ||
| CVE-2006-6025 | Hig | 0.49 | 7.5 | 0.01 | Nov 21, 2006 | QUALCOMM Eudora WorldMail 4.0 allows remote attackers to cause a denial of service, as demonstrated by a certain module in VulnDisco Pack. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. As of 20061118, this… | ||
| CVE-2005-4267 | 0.08 | — | 0.67 | Dec 21, 2005 | Stack-based buffer overflow in Qualcomm WorldMail 3.0 allows remote attackers to execute arbitrary code via a long IMAP command that ends with a "}" character, as demonstrated using long (1) LIST, (2) LSUB, (3) SEARCH TEXT, (4) STATUS INBOX, (5) AUTHENTICATE, (6) FETCH, (7)… | |||
| CVE-2014-10031 | 0.03 | — | 0.04 | Jan 13, 2015 | Buffer overflow in the IMAPd service in Qualcomm Eudora WorldMail 9.0.333.0 allows remote attackers to execute arbitrary code via a long string in a UID command. | |||
| CVE-2006-0637 | 0.03 | — | 0.02 | Feb 10, 2006 | Buffer overflow in cram.dll in QUALCOMM Eudora WorldMail 3.0 allows remote attackers to execute arbitrary code via an IMAP APPEND command with a long message literal argument, as demonstrated by Worldmail.pl. NOTE: this is a different vector and a different manipulation than… | |||
| CVE-2006-6336 | 0.01 | — | 0.07 | Dec 31, 2006 | Heap-based buffer overflow in the Mail Management Server (MAILMA.exe) in Eudora WorldMail 3.1.x allows remote attackers to execute arbitrary code via a crafted request containing successive delimiters. | |||
| CVE-2001-1318 | 0.00 | — | 0.03 | Jul 16, 2001 | Vulnerabilities in Qualcomm Eudora WorldMail Server may allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. |
- risk 0.64cvss 9.8epss 0.01
Multiple buffer overflows in Eudora Worldmail, possibly Worldmail 3 version 6.1.22.0, have unknown impact and attack vectors, as demonstrated by the (1) "Eudora WorldMail stack overflow" and (2) "Eudora WorldMail heap overflow" modules in VulnDisco Pack. NOTE: Some of these…
- risk 0.49cvss 7.5epss 0.01
QUALCOMM Eudora WorldMail 4.0 allows remote attackers to cause a denial of service, as demonstrated by a certain module in VulnDisco Pack. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. As of 20061118, this…
- CVE-2005-4267Dec 21, 2005risk 0.08cvss —epss 0.67
Stack-based buffer overflow in Qualcomm WorldMail 3.0 allows remote attackers to execute arbitrary code via a long IMAP command that ends with a "}" character, as demonstrated using long (1) LIST, (2) LSUB, (3) SEARCH TEXT, (4) STATUS INBOX, (5) AUTHENTICATE, (6) FETCH, (7)…
- CVE-2014-10031Jan 13, 2015risk 0.03cvss —epss 0.04
Buffer overflow in the IMAPd service in Qualcomm Eudora WorldMail 9.0.333.0 allows remote attackers to execute arbitrary code via a long string in a UID command.
- CVE-2006-0637Feb 10, 2006risk 0.03cvss —epss 0.02
Buffer overflow in cram.dll in QUALCOMM Eudora WorldMail 3.0 allows remote attackers to execute arbitrary code via an IMAP APPEND command with a long message literal argument, as demonstrated by Worldmail.pl. NOTE: this is a different vector and a different manipulation than…
- CVE-2006-6336Dec 31, 2006risk 0.01cvss —epss 0.07
Heap-based buffer overflow in the Mail Management Server (MAILMA.exe) in Eudora WorldMail 3.1.x allows remote attackers to execute arbitrary code via a crafted request containing successive delimiters.
- CVE-2001-1318Jul 16, 2001risk 0.00cvss —epss 0.03
Vulnerabilities in Qualcomm Eudora WorldMail Server may allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.