Mercur
Products
5- 3 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
6| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2006-1255 | 0.08 | — | 0.68 | Mar 19, 2006 | Stack-based buffer overflow in the IMAP service in Mercur Messaging 5.0 SP3 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string to the (1) LOGIN or (2) SELECT command, a different set of… | |||
| CVE-2000-0198 | 0.04 | — | 0.08 | Mar 15, 2000 | Buffer overflow in POP3 and IMAP servers in the MERCUR mail server suite allows remote attackers to cause a denial of service. | |||
| CVE-2002-1073 | 0.03 | — | 0.06 | Oct 4, 2002 | Buffer overflow in the control service for MERCUR Mailserver 4.2 allows remote attackers to execute arbitrary code via a long password. | |||
| CVE-2000-0239 | 0.03 | — | 0.04 | Mar 15, 2000 | Buffer overflow in the MERCUR WebView WebMail server allows remote attackers to cause a denial of service via a long mail_user parameter in the GET request. | |||
| CVE-2005-1657 | 0.00 | — | 0.02 | May 18, 2005 | Multiple directory traversal vulnerabilities in Mercur Messaging 2005 SP2 allow remote attackers to perform unauthorized file operations via the Folder.Id parameter to (1) deletefolder.ctml, (2) deletemessage.ctml, (3) origmessage.ctml, or (4) readmessage.ctml, the Message.Id… | |||
| CVE-2005-1656 | 0.00 | — | 0.01 | May 18, 2005 | Mercur Messaging 2005 SP2 allows remote attackers to read the source code of .ctml files via a URL with a trailing hex-encoded space ("%20"). |
- CVE-2006-1255Mar 19, 2006risk 0.08cvss —epss 0.68
Stack-based buffer overflow in the IMAP service in Mercur Messaging 5.0 SP3 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string to the (1) LOGIN or (2) SELECT command, a different set of…
- CVE-2000-0198Mar 15, 2000risk 0.04cvss —epss 0.08
Buffer overflow in POP3 and IMAP servers in the MERCUR mail server suite allows remote attackers to cause a denial of service.
- CVE-2002-1073Oct 4, 2002risk 0.03cvss —epss 0.06
Buffer overflow in the control service for MERCUR Mailserver 4.2 allows remote attackers to execute arbitrary code via a long password.
- CVE-2000-0239Mar 15, 2000risk 0.03cvss —epss 0.04
Buffer overflow in the MERCUR WebView WebMail server allows remote attackers to cause a denial of service via a long mail_user parameter in the GET request.
- CVE-2005-1657May 18, 2005risk 0.00cvss —epss 0.02
Multiple directory traversal vulnerabilities in Mercur Messaging 2005 SP2 allow remote attackers to perform unauthorized file operations via the Folder.Id parameter to (1) deletefolder.ctml, (2) deletemessage.ctml, (3) origmessage.ctml, or (4) readmessage.ctml, the Message.Id…
- CVE-2005-1656May 18, 2005risk 0.00cvss —epss 0.01
Mercur Messaging 2005 SP2 allows remote attackers to read the source code of .ctml files via a URL with a trailing hex-encoded space ("%20").