VYPR

Eudora Worldmail

by Qualcomm

CVEs (7)

  • CVE-2006-6024CriNov 21, 2006
    risk 0.64cvss 9.8epss 0.01

    Multiple buffer overflows in Eudora Worldmail, possibly Worldmail 3 version 6.1.22.0, have unknown impact and attack vectors, as demonstrated by the (1) "Eudora WorldMail stack overflow" and (2) "Eudora WorldMail heap overflow" modules in VulnDisco Pack. NOTE: Some of these…

  • CVE-2006-6025HigNov 21, 2006
    risk 0.49cvss 7.5epss 0.01

    QUALCOMM Eudora WorldMail 4.0 allows remote attackers to cause a denial of service, as demonstrated by a certain module in VulnDisco Pack. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. As of 20061118, this…

  • CVE-2005-4267Dec 21, 2005
    risk 0.08cvss epss 0.67

    Stack-based buffer overflow in Qualcomm WorldMail 3.0 allows remote attackers to execute arbitrary code via a long IMAP command that ends with a "}" character, as demonstrated using long (1) LIST, (2) LSUB, (3) SEARCH TEXT, (4) STATUS INBOX, (5) AUTHENTICATE, (6) FETCH, (7)…

  • CVE-2014-10031Jan 13, 2015
    risk 0.03cvss epss 0.04

    Buffer overflow in the IMAPd service in Qualcomm Eudora WorldMail 9.0.333.0 allows remote attackers to execute arbitrary code via a long string in a UID command.

  • CVE-2006-0637Feb 10, 2006
    risk 0.03cvss epss 0.02

    Buffer overflow in cram.dll in QUALCOMM Eudora WorldMail 3.0 allows remote attackers to execute arbitrary code via an IMAP APPEND command with a long message literal argument, as demonstrated by Worldmail.pl. NOTE: this is a different vector and a different manipulation than…

  • CVE-2006-6336Dec 31, 2006
    risk 0.01cvss epss 0.07

    Heap-based buffer overflow in the Mail Management Server (MAILMA.exe) in Eudora WorldMail 3.1.x allows remote attackers to execute arbitrary code via a crafted request containing successive delimiters.

  • CVE-2001-1318Jul 16, 2001
    risk 0.00cvss epss 0.03

    Vulnerabilities in Qualcomm Eudora WorldMail Server may allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.