Vulnerability Details CVE-2008-1276
Multiple buffer overflows in the IMAP service (MEIMAPS.EXE) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allow remote authenticated attackers to execute arbitrary code via long arguments to the (1) FETCH, (2) EXAMINE, and (3) UNSUBSCRIBE commands.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.181
EPSS Ranking 94.8%
CVSS Severity
CVSS v2 Score 9.0
References
- http://aluigi.altervista.org/adv/maildisable-adv.txt
- http://secunia.com/advisories/29277
- http://securityreason.com/securityalert/3724
- http://www.securityfocus.com/archive/1/489270/100/0/threaded
- http://www.securityfocus.com/bid/28145
- http://www.securitytracker.com/id?1019565
- http://www.vupen.com/english/advisories/2008/0799/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41058
- https://www.exploit-db.com/exploits/5249
- http://aluigi.altervista.org/adv/maildisable-adv.txt
- http://secunia.com/advisories/29277
- http://securityreason.com/securityalert/3724
- http://www.securityfocus.com/archive/1/489270/100/0/threaded
- http://www.securityfocus.com/bid/28145
- http://www.securitytracker.com/id?1019565
- http://www.vupen.com/english/advisories/2008/0799/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41058
- https://www.exploit-db.com/exploits/5249
Products affected by CVE-2008-1276
-
cpe:2.3:a:mailenable:mailenable_enterprise:*
-
cpe:2.3:a:mailenable:mailenable_professional:*