Novell: >> Netmail Security Vulnerabilities
Novell NetMail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers to conduct web-based attacks and steal cookies.
CVSS Score
6.4
EPSS Score
0.043
Published
2005-07-09
Cross-site scripting (XSS) vulnerability in the ModWeb agent for Novell NetMail 3.52 before 3.52C allows remote attackers to inject arbitrary web script or HTML via calendar display fields.
CVSS Score
4.3
EPSS Score
0.012
Published
2005-06-08
Buffer overflow in the Modweb agent for Novell NetMail 3.52 before 3.52C, when renaming folders, may allow attackers to execute arbitrary code.
CVSS Score
7.5
EPSS Score
0.02
Published
2005-06-08
Buffer overflow in the IMAP command continuation function in Novell NetMail 3.52 before 3.52C may allow remote attackers to execute arbitrary code.
CVSS Score
7.5
EPSS Score
0.074
Published
2005-06-08
Novell Internet Messaging System (NIMS) 2.6 and 3.0, and NetMail 3.1 and 3.5, is installed with a default NMAP authentication credential, which allows remote attackers to read and write mail store data if the administrator does not change the credential by using the NMAP Credential Generator.
CVSS Score
6.4
EPSS Score
0.004
Published
2004-12-31
Multiple buffer overflows in Novell NetMail (NIMS) 3.0.3 before 3.0.3C allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) WebAdmin or (2) ModWeb.
CVSS Score
7.5
EPSS Score
0.01
Published
2002-10-04
Buffer overflows in IMAP Agent (imapd) for Novell NetMail (NIMS) 3.0.3 before 3.0.3A allows remote attackers to cause a denial of service.
CVSS Score
5.0
EPSS Score
0.005
Published
2002-10-04
Page 2