Code Crafters
Products
2- 5 CVEs
- 2 CVEs
Recent CVEs
7| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-17752 | Med | 0.43 | 6.1 | 0.01 | Dec 20, 2017 | Ability Mail Server 3.3.2 has Cross Site Scripting (XSS) via the body of an e-mail message, with JavaScript code executed on the Read Mail screen (aka the /_readmail URI). This is fixed in version 4.2.4. | ||
| CVE-2004-1626 | 0.08 | — | 0.67 | Oct 22, 2004 | Buffer overflow in Ability Server 2.34, and possibly other versions, allows remote attackers to execute arbitrary code via a long STOR command. | |||
| CVE-2004-1627 | 0.04 | — | 0.15 | Oct 22, 2004 | Buffer overflow in Ability Server 2.25, 2.32, 2.34, and possibly other versions, allows remote attackers to execute arbitrary code via a long APPE command. | |||
| CVE-2013-6162 | 0.03 | — | 0.01 | Dec 21, 2013 | Cross-site scripting (XSS) vulnerability in Code-Crafters Ability Mail Server 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the body of an email. | |||
| CVE-2009-3445 | 0.00 | — | 0.02 | Sep 28, 2009 | Unspecified vulnerability in Code-Crafters Ability Mail Server before 2.70 allows remote attackers to cause a denial of service (daemon crash) via an IMAP4 FETCH command. | |||
| CVE-2007-6101 | 0.00 | — | 0.01 | Nov 23, 2007 | Ability Mail Server before 2.61 allows remote authenticated users to cause a denial of service (daemon crash) via (1) malformed number list ranges in unspecified IMAP commands, and possibly (2) a blank string in unspecified messages. | |||
| CVE-2004-2495 | 0.00 | — | 0.02 | Dec 31, 2004 | The (1) Webmail, (2) admin, and (3) SMTP services in Ability Mail Server 1.18 allow remote attackers to cause a denial of service (CPU consumption) via a large number of simultaneous connections to the service. |
- risk 0.43cvss 6.1epss 0.01
Ability Mail Server 3.3.2 has Cross Site Scripting (XSS) via the body of an e-mail message, with JavaScript code executed on the Read Mail screen (aka the /_readmail URI). This is fixed in version 4.2.4.
- CVE-2004-1626Oct 22, 2004risk 0.08cvss —epss 0.67
Buffer overflow in Ability Server 2.34, and possibly other versions, allows remote attackers to execute arbitrary code via a long STOR command.
- CVE-2004-1627Oct 22, 2004risk 0.04cvss —epss 0.15
Buffer overflow in Ability Server 2.25, 2.32, 2.34, and possibly other versions, allows remote attackers to execute arbitrary code via a long APPE command.
- CVE-2013-6162Dec 21, 2013risk 0.03cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in Code-Crafters Ability Mail Server 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the body of an email.
- CVE-2009-3445Sep 28, 2009risk 0.00cvss —epss 0.02
Unspecified vulnerability in Code-Crafters Ability Mail Server before 2.70 allows remote attackers to cause a denial of service (daemon crash) via an IMAP4 FETCH command.
- CVE-2007-6101Nov 23, 2007risk 0.00cvss —epss 0.01
Ability Mail Server before 2.61 allows remote authenticated users to cause a denial of service (daemon crash) via (1) malformed number list ranges in unspecified IMAP commands, and possibly (2) a blank string in unspecified messages.
- CVE-2004-2495Dec 31, 2004risk 0.00cvss —epss 0.02
The (1) Webmail, (2) admin, and (3) SMTP services in Ability Mail Server 1.18 allow remote attackers to cause a denial of service (CPU consumption) via a large number of simultaneous connections to the service.