VYPR

Professional Edition

by MailEnable

CVEs (12)

  • CVE-2005-3155Oct 5, 2005
    MailEnable
    Mailenable Enterprise
    risk 0.10cvss epss 0.86

    Buffer overflow in the W3C logging for MailEnable Enterprise 1.1 and Professional 1.6 allows remote attackers to execute arbitrary code.

  • CVE-2004-2501Dec 31, 2004
    MailEnable
    Mailenable Enterprise
    risk 0.08cvss epss 0.61

    Buffer overflow in the IMAP service of MailEnable Professional Edition 1.52 and Enterprise Edition 1.01 allows remote attackers to execute arbitrary code via (1) a long command string or (2) a long string to the MEIMAP service and then terminating the connection.

  • CVE-2008-1276Mar 10, 2008
    MailEnable
    Mailenable Enterprise
    risk 0.04cvss epss 0.13

    Multiple buffer overflows in the IMAP service (MEIMAPS.EXE) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allow remote authenticated attackers to execute arbitrary code via long arguments to the (1) FETCH, (2) EXAMINE, and (3) UNSUBSCRIBE commands.

  • CVE-2008-1277Mar 10, 2008
    MailEnable
    Mailenable Enterprise
    risk 0.03cvss epss 0.05

    The IMAP service (MEIMAPS.exe) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allows remote attackers to cause a denial of service (crash) via (1) SEARCH and (2) APPEND commands without required arguments, which triggers a NULL pointer dereference.

  • CVE-2004-2727Dec 31, 2004
    MailEnable
    Mailenable
    risk 0.03cvss epss 0.05

    Buffer overflow in MEHTTPS (HTTPMail) of MailEnable Professional 1.5 through 1.7 allows remote attackers to cause a denial of service (application crash) via a long HTTP GET request.

  • CVE-2005-3690Nov 19, 2005
    MailEnable
    Mailenable Enterprise
    risk 0.01cvss epss 0.12

    Stack-based buffer overflow in the IMAP service (meimaps.exe) of MailEnable Professional 1.6 and earlier and Enterprise 1.1 and earlier allows remote attackers to execute arbitrary code via a long mailbox name in the (1) select, (2) create, (3) delete, (4) rename, (5) subscribe,…

  • CVE-2008-3449Aug 4, 2008
    MailEnable
    Mailenable
    risk 0.00cvss epss 0.03

    MailEnable Professional 3.5.2 and Enterprise 3.52 allow remote attackers to cause a denial of service (crash) via multiple IMAP connection requests to the same folder.

  • CVE-2007-0651Feb 15, 2007
    MailEnable
    Mailenable Professional
    risk 0.00cvss epss 0.04

    Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Professional before 2.37 allow remote attackers to inject arbitrary Javascript script via (1) e-mail messages and (2) the ID parameter to (a) right.asp, (b) Forms/MAI/list.asp, and (c) Forms/VCF/list.asp in…

  • CVE-2006-6291Dec 5, 2006
    MailEnable
    Mailenable
    risk 0.00cvss epss 0.01

    Stack overflow in the IMAP module (MEIMAPS.EXE) in MailEnable Professional 1.6 through 1.83 and 2.0 through 2.33, and MailEnable Enterprise 1.1 through 1.40 and 2.0 through 2.33, allows remote authenticated users to cause a denial of service (crash) via a long argument…

  • CVE-2006-1337Mar 21, 2006
    MailEnable
    Mailenable
    risk 0.00cvss epss 0.03

    Buffer overflow in the POP 3 (POP3) service in MailEnable Standard Edition before 1.93, Professional Edition before 1.73, and Enterprise Edition before 1.21 allows remote attackers to execute arbitrary code via unknown vectors before authentication.

  • CVE-2005-3691Nov 19, 2005
    Websense
    Enterprise
    risk 0.00cvss epss 0.04

    Directory traversal vulnerability in the IMAP service (meimaps.exe) of MailEnable Professional 1.6 and earlier and Enterprise 1.1 and earlier allows remote attackers to create or rename arbitrary mail directories via the mailbox name argument of the (1) create or (2) rename…

  • CVE-2004-2194Dec 31, 2004
    MailEnable
    Mailenable Enterprise
    risk 0.00cvss epss 0.02

    MailEnable Professional Edition before 1.53 and Enterprise Edition before 1.02 allows remote attackers to cause a denial of service (crash) via malformed (1) SMTP or (2) IMAP commands.