Vulnerability Details CVE-2006-6423
Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.35, Professional Edition 1.6 through 1.84, and Enterprise Edition 1.1 through 1.41 allows remote attackers to execute arbitrary code via a pre-authentication command followed by a crafted parameter and a long string, as addressed by the ME-10025 hotfix.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.377
EPSS Ranking 97.0%
CVSS Severity
CVSS v2 Score 10.0
References
- http://secunia.com/advisories/23201
- http://secunia.com/secunia_research/2006-73/advisory/
- http://securityreason.com/securityalert/2022
- http://www.mailenable.com/hotfix/
- http://www.securityfocus.com/archive/1/454075/100/0/threaded
- http://www.securityfocus.com/bid/21492
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30796
- http://secunia.com/advisories/23201
- http://secunia.com/secunia_research/2006-73/advisory/
- http://securityreason.com/securityalert/2022
- http://www.mailenable.com/hotfix/
- http://www.securityfocus.com/archive/1/454075/100/0/threaded
- http://www.securityfocus.com/bid/21492
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30796
Products affected by CVE-2006-6423
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.1
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.11
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.12
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.13
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.14
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.15
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.16
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.17
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.18
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.19
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.2
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.21
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.22
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.23
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.24
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.25
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.26
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.27
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.28
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.29
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.30
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.31
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.32
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.33
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.34
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.35
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.36
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.37
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.38
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.39
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.40
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.41
-
cpe:2.3:a:mailenable:mailenable_enterprise:2.35
-
cpe:2.3:a:mailenable:mailenable_professional:1.84