Mailenable: Security Vulnerabilities
Buffer overflow in HTTPMail in MailEnable Enterprise 1.04 and earlier and Professional 1.54 and earlier allows remote attackers to execute arbitrary code via a long HTTP Authorization header.
CVSS Score
7.5
EPSS Score
0.911
Published
2005-05-02
MailEnable Professional Edition before 1.53 and Enterprise Edition before 1.02 allows remote attackers to cause a denial of service (crash) via malformed (1) SMTP or (2) IMAP commands.
CVSS Score
5.0
EPSS Score
0.02
Published
2004-12-31
Buffer overflow in the IMAP service of MailEnable Professional Edition 1.52 and Enterprise Edition 1.01 allows remote attackers to execute arbitrary code via (1) a long command string or (2) a long string to the MEIMAP service and then terminating the connection.
CVSS Score
7.5
EPSS Score
0.61
Published
2004-12-31
HTTPMail service in MailEnable Professional 1.18 does not properly handle arguments to the Authorization header, which allows remote attackers to cause a denial of service (null dereference and application crash). NOTE: This is a different vulnerability than CVE-2005-1348.
CVSS Score
5.0
EPSS Score
0.017
Published
2004-12-31
Buffer overflow in MEHTTPS (HTTPMail) of MailEnable Professional 1.5 through 1.7 allows remote attackers to cause a denial of service (application crash) via a long HTTP GET request.
CVSS Score
4.3
EPSS Score
0.046
Published
2004-12-31
MailEnable 1.5 015 through 1.5 018 allows remote attackers to cause a denial of service (crash) via a long USER string, possibly due to a buffer overflow.
CVSS Score
5.0
EPSS Score
0.034
Published
2002-12-31
Page 9