Extremail: >> Extremail >> 1.1.4 Security Vulnerabilities
Extremail 1.5.9 does not check passwords correctly when they are all digits or begin with a digit, which allows remote attackers to gain privileges.
CVSS Score
10.0
EPSS Score
0.009
Published
2004-11-23
Format string vulnerability in flog function of eXtremail 1.1.9 and earlier allows remote attackers to gain root privileges via format specifiers in the SMTP commands (1) HELO, (2) EHLO, (3) MAIL FROM, or (4) RCPT TO, and the POP3 commands (5) USER and (6) other commands that can be executed after POP3 authentication.
CVSS Score
10.0
EPSS Score
0.042
Published
2001-06-21