Search criteria
99 vulnerabilities found for mailenable_professional by mailenable
FKIE_CVE-2008-1276
Vulnerability from fkie_nvd - Published: 2008-03-10 23:44 - Updated: 2025-04-09 00:30
Severity ?
Summary
Multiple buffer overflows in the IMAP service (MEIMAPS.EXE) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allow remote authenticated attackers to execute arbitrary code via long arguments to the (1) FETCH, (2) EXAMINE, and (3) UNSUBSCRIBE commands.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mailenable | mailenable_enterprise | * | |
| mailenable | mailenable_professional | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6496BBB-BF66-4CA5-B1E1-BF65D58DEB0E",
"versionEndIncluding": "3.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46C4F770-9BCC-42AB-B04C-3ACD60357472",
"versionEndIncluding": "3.13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the IMAP service (MEIMAPS.EXE) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allow remote authenticated attackers to execute arbitrary code via long arguments to the (1) FETCH, (2) EXAMINE, and (3) UNSUBSCRIBE commands."
},
{
"lang": "es",
"value": "Vulnerabilidad de desbordamiento de b\u00fafer en el Servicio IMAP (MEIMAPS.EXE) de MailEnable Professional Edition y Enterprise Edition 3.13 y anteriores, permite a atacantes autenticados remotamente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de argumentos largos hacia los comandos (1) FETCH, (2) EXAMINE y (3) UNSUBSCRIBE."
}
],
"id": "CVE-2008-1276",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-03-10T23:44:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://aluigi.altervista.org/adv/maildisable-adv.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29277"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3724"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/489270/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/28145"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1019565"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/0799/references"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41058"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/5249"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://aluigi.altervista.org/adv/maildisable-adv.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29277"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3724"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/489270/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/28145"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019565"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/0799/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41058"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/5249"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2008-1275
Vulnerability from fkie_nvd - Published: 2008-03-10 23:44 - Updated: 2025-04-09 00:30
Severity ?
Summary
Multiple unspecified vulnerabilities in the SMTP service in MailEnable Standard Edition 1.x, Professional Edition 3.x and earlier, and Enterprise Edition 3.x and earlier allow remote attackers to cause a denial of service (crash) via crafted (1) EXPN or (2) VRFY commands.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mailenable | mailenable_enterprise | * | |
| mailenable | mailenable_professional | * | |
| mailenable | mailenable_standard | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DDBCAC5-9215-487B-BFC1-A55982352714",
"versionEndIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77ED3854-23DD-4153-8A40-F26F975CAE72",
"versionEndIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_standard:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B924438E-5E77-43D5-873C-70F1B2FE4191",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the SMTP service in MailEnable Standard Edition 1.x, Professional Edition 3.x and earlier, and Enterprise Edition 3.x and earlier allow remote attackers to cause a denial of service (crash) via crafted (1) EXPN or (2) VRFY commands."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades no especificadas en el servicio SMTP de MailEnable Standard Edition 1.x, Professional Edition 3.x y anteriores, y Enterprise Edition 3.x y anteriores, permiten a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) mediante los comandos manipulados (1) EXPN o (2) VRFY."
}
],
"id": "CVE-2008-1275",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-03-10T23:44:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29300"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/28154"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/0800/references"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41083"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/5235"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29300"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/28154"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/0800/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41083"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/5235"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2008-1277
Vulnerability from fkie_nvd - Published: 2008-03-10 23:44 - Updated: 2025-04-09 00:30
Severity ?
Summary
The IMAP service (MEIMAPS.exe) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allows remote attackers to cause a denial of service (crash) via (1) SEARCH and (2) APPEND commands without required arguments, which triggers a NULL pointer dereference.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mailenable | mailenable_enterprise | * | |
| mailenable | mailenable_professional | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6496BBB-BF66-4CA5-B1E1-BF65D58DEB0E",
"versionEndIncluding": "3.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46C4F770-9BCC-42AB-B04C-3ACD60357472",
"versionEndIncluding": "3.13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The IMAP service (MEIMAPS.exe) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allows remote attackers to cause a denial of service (crash) via (1) SEARCH and (2) APPEND commands without required arguments, which triggers a NULL pointer dereference."
},
{
"lang": "es",
"value": "El servicio IMAP (MEIMAPS.exe) en MailEnable Professional Edition y Enterprise Edition 3.13 y anteriores, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de los comandos (1) SEARCH y (2) APPEND que no tengan los argumentos requeridos, esto induce a una referencia a puntero nulo."
}
],
"id": "CVE-2008-1277",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-03-10T23:44:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://aluigi.altervista.org/adv/maildisable-adv.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29277"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3724"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/489270/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/28145"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1019565"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/0799/references"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41059"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://aluigi.altervista.org/adv/maildisable-adv.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29277"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3724"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/489270/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/28145"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019565"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/0799/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41059"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-1301
Vulnerability from fkie_nvd - Published: 2007-03-07 00:19 - Updated: 2025-04-09 00:30
Severity ?
Summary
Stack-based buffer overflow in the IMAP service in MailEnable Enterprise and Professional Editions 2.37 and earlier allows remote authenticated users to execute arbitrary code via a long argument to the APPEND command. NOTE: this is probably different than CVE-2006-6423.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mailenable | mailenable_enterprise | * | |
| mailenable | mailenable_professional | 2.37 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:*:*:*:*:*:*:*:*",
"matchCriteriaId": "794B82C8-E0B2-4B79-BF36-3FB9E09AE5FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.37:*:professional:*:*:*:*:*",
"matchCriteriaId": "6DC1B3DE-6F03-47BA-AF5C-CDA53120AF41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the IMAP service in MailEnable Enterprise and Professional Editions 2.37 and earlier allows remote authenticated users to execute arbitrary code via a long argument to the APPEND command. NOTE: this is probably different than CVE-2006-6423."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en el servicio IMAP de MailEnable ediciones Enterprise y Professional 2.37 y anteriores permite a usuarios remotos autenticados ejecutar c\u00f3digo de su elecci\u00f3n mediante una argumento largo al comando APPEND. NOTA: esta vulnerabilidad es, probablemente, diferente que CVE-2006-6423."
}
],
"id": "CVE-2007-1301",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-03-07T00:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24361"
},
{
"source": "cve@mitre.org",
"url": "http://www.mailenable.com/hotfix/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/22792"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1017739"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/0811"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32801"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/3397"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24361"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mailenable.com/hotfix/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/22792"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1017739"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/0811"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32801"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/3397"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-0652
Vulnerability from fkie_nvd - Published: 2007-02-15 23:28 - Updated: 2025-04-09 00:30
Severity ?
Summary
Cross-site request forgery (CSRF) vulnerability in MailEnable Professional before 2.37 allows remote attackers to modify arbitrary configurations and perform unauthorized actions as arbitrary users via a link or IMG tag.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.004:*:*:*:*:*:*:*",
"matchCriteriaId": "D078B497-4C3C-4246-87C5-58DC5EEED452",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.005:*:*:*:*:*:*:*",
"matchCriteriaId": "97DD9EC9-1A27-4A96-95A1-086DEA1E3890",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.006:*:*:*:*:*:*:*",
"matchCriteriaId": "193959CF-DAF3-4C62-8DB0-660115E1D41B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.007:*:*:*:*:*:*:*",
"matchCriteriaId": "8A827A0E-BDF2-4BAB-9F52-0014FE6E4B70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.008:*:*:*:*:*:*:*",
"matchCriteriaId": "82CF54A9-CF50-4B23-8E3A-AFB08F7F98F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.009:*:*:*:*:*:*:*",
"matchCriteriaId": "51BA53BA-CDF5-42EC-8D2B-EC24FDF82931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.010:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B1E90C-AA06-4A89-90B3-0E7140F9B8DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.011:*:*:*:*:*:*:*",
"matchCriteriaId": "060D809A-C603-4E06-9F57-3C76FEE6F86D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.012:*:*:*:*:*:*:*",
"matchCriteriaId": "D53DE94B-0C32-4DDB-B13B-7B05208477AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.013:*:*:*:*:*:*:*",
"matchCriteriaId": "1A5EA901-CD07-464B-8EB0-8F845EDABAA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.014:*:*:*:*:*:*:*",
"matchCriteriaId": "92B2611A-D7CF-441A-BA60-F27CF28BEB3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.015:*:*:*:*:*:*:*",
"matchCriteriaId": "7139C2FC-4DA3-4193-B130-05524EB97C69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.016:*:*:*:*:*:*:*",
"matchCriteriaId": "C78B7FD6-2433-4EAA-8B3E-0507F81D54FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.017:*:*:*:*:*:*:*",
"matchCriteriaId": "1B8B058B-F517-46C4-AC05-8EC258E38A75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF16E400-930E-4845-BB23-ED1217505302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8CFAF9C8-DB67-446E-B63C-530CB0C170B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "08F30383-D23F-4CA5-BC02-7716398BC042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7ADEF40C-4C56-4893-B757-15966ED5A925",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FE40F5BA-6174-4959-BFD1-CCECAB138009",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "EA6DCAFE-CAC2-4B36-B3E1-FA2B490424EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "430C8E86-F7CA-4217-A3C1-71CBE5CAB825",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "D35AD18C-CA58-4DFC-A60F-49B698607B33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "B219EBD1-B0E9-4599-B633-AA4C227E5854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "81249BA3-3D1D-4388-BE8D-28AB5CA3AFF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "771D029C-9F4A-41F9-8F86-F1B1BD38B329",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "F32956E6-A13B-4663-BBC9-FEB08A1DCC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "1AABE2F0-FEC1-4BDE-B1C0-92FF2CEA48E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "652F54CA-1CCA-4BC9-8728-A0F6FABF8817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.51:*:*:*:*:*:*:*",
"matchCriteriaId": "269BCB9D-9AEF-40E2-8291-50EC2A083775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.52:*:*:*:*:*:*:*",
"matchCriteriaId": "88435083-D7A8-4679-BEB1-4B6526454C3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.53:*:*:*:*:*:*:*",
"matchCriteriaId": "145A8B1A-573D-4695-B66A-FF8EA2556DC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.54:*:*:*:*:*:*:*",
"matchCriteriaId": "C9572349-9433-415F-B81B-10A1375AF33F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.72:*:*:*:*:*:*:*",
"matchCriteriaId": "6F4AADE9-F3FB-4272-8026-58FC677D3F3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.73:*:*:*:*:*:*:*",
"matchCriteriaId": "9DD53801-B8F7-4AE8-BA2B-AC6297340CB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.82:*:*:*:*:*:*:*",
"matchCriteriaId": "4F785125-F530-4674-B2B3-0D97E8397391",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.83:*:*:*:*:*:*:*",
"matchCriteriaId": "5F59A308-7D1A-4C4F-A34C-27FDCF12E3C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.84:*:*:*:*:*:*:*",
"matchCriteriaId": "201B610A-DD27-48D2-A3EF-DFEBBDEA04BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.101:*:*:*:*:*:*:*",
"matchCriteriaId": "652E1512-B1B1-44B5-93CF-9C526B95BA38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.102:*:*:*:*:*:*:*",
"matchCriteriaId": "2835FBA2-79E4-4541-913C-21BAD3320D55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.103:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9449E3-1CEA-40AF-BD00-94B56E38AF5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.104:*:*:*:*:*:*:*",
"matchCriteriaId": "39724984-2A10-441F-A103-2DFA693F4F19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.105:*:*:*:*:*:*:*",
"matchCriteriaId": "D01DB7FF-7171-43D2-96F3-E5C0AABA4877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.106:*:*:*:*:*:*:*",
"matchCriteriaId": "77B95FCC-55C7-4B44-B8C7-85792C7E91BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.107:*:*:*:*:*:*:*",
"matchCriteriaId": "16E07556-02E5-42FA-9338-3176EB2ED536",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.108:*:*:*:*:*:*:*",
"matchCriteriaId": "539C5F71-83FC-455C-8180-72C9F1E2C4A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.109:*:*:*:*:*:*:*",
"matchCriteriaId": "C1C4D762-BF84-4734-B9AD-ED9F3FB85D0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.110:*:*:*:*:*:*:*",
"matchCriteriaId": "B6B410FC-650E-4E51-8634-D99113E8B1AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.111:*:*:*:*:*:*:*",
"matchCriteriaId": "45C6B358-93A6-4A9A-B284-9DFA9C981620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.112:*:*:*:*:*:*:*",
"matchCriteriaId": "2638B249-E955-48B3-A309-EF92737E015D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.113:*:*:*:*:*:*:*",
"matchCriteriaId": "2F275DA6-7799-4B51-8F9C-DD23E8A3C5AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.114:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB961BA-8FAB-4FC5-B582-AF758E7D0E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.115:*:*:*:*:*:*:*",
"matchCriteriaId": "A400F721-435F-4EBA-8BC2-92E4769A35A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.116:*:*:*:*:*:*:*",
"matchCriteriaId": "61206A1A-FF1A-4A45-8952-509168BD8495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4FD7082-AC93-426F-9DA7-50CBFFDAC07A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0576FE-F0BC-4DA7-B007-7DA49F369700",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B2826B3D-44E0-4D4B-A681-8C3DADF522F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.32:*:*:*:*:*:*:*",
"matchCriteriaId": "662AEDE4-698E-4C78-93B4-4B915749DF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.33:*:*:*:*:*:*:*",
"matchCriteriaId": "87E5107B-BDC2-4972-A3A4-AA6782E46B0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.34:*:*:*:*:*:*:*",
"matchCriteriaId": "6739BEA4-C75F-476E-AF5D-449D8236E042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.35:*:*:*:*:*:*:*",
"matchCriteriaId": "7FD0D1C2-A067-4F86-9179-ED1C263BE5B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.351:*:*:*:*:*:*:*",
"matchCriteriaId": "6FBA085C-8A89-4625-9811-AF1B615F5939",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in MailEnable Professional before 2.37 allows remote attackers to modify arbitrary configurations and perform unauthorized actions as arbitrary users via a link or IMG tag."
},
{
"lang": "es",
"value": "Vulnerabilidad de falsificaci\u00f3n de petici\u00f3n en sitios cruzados (CSRF) en MailEnable Professional versiones anteriores a 2.37 permite a atacantes remotos modificar configuraciones de su elecci\u00f3n y realizar acciones no autorizadas como usuarios de su elecci\u00f3n mediante una etiqueta link \u00f3 IMG.\r\n"
}
],
"id": "CVE-2007-0652",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2007-02-15T23:28:00.000",
"references": [
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://osvdb.org/33191"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23998"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-38/advisory/"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://securityreason.com/securityalert/2258"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/archive/1/460063/100/0/threaded"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/bid/22554"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.vupen.com/english/advisories/2007/0595"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/33191"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23998"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-38/advisory/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/2258"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/460063/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/22554"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/0595"
}
],
"sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-0651
Vulnerability from fkie_nvd - Published: 2007-02-15 23:28 - Updated: 2025-04-09 00:30
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Professional before 2.37 allow remote attackers to inject arbitrary Javascript script via (1) e-mail messages and (2) the ID parameter to (a) right.asp, (b) Forms/MAI/list.asp, and (c) Forms/VCF/list.asp in mewebmail/base/default/lang/EN/.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.004:*:*:*:*:*:*:*",
"matchCriteriaId": "D078B497-4C3C-4246-87C5-58DC5EEED452",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.005:*:*:*:*:*:*:*",
"matchCriteriaId": "97DD9EC9-1A27-4A96-95A1-086DEA1E3890",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.006:*:*:*:*:*:*:*",
"matchCriteriaId": "193959CF-DAF3-4C62-8DB0-660115E1D41B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.007:*:*:*:*:*:*:*",
"matchCriteriaId": "8A827A0E-BDF2-4BAB-9F52-0014FE6E4B70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.008:*:*:*:*:*:*:*",
"matchCriteriaId": "82CF54A9-CF50-4B23-8E3A-AFB08F7F98F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.009:*:*:*:*:*:*:*",
"matchCriteriaId": "51BA53BA-CDF5-42EC-8D2B-EC24FDF82931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.010:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B1E90C-AA06-4A89-90B3-0E7140F9B8DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.011:*:*:*:*:*:*:*",
"matchCriteriaId": "060D809A-C603-4E06-9F57-3C76FEE6F86D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.012:*:*:*:*:*:*:*",
"matchCriteriaId": "D53DE94B-0C32-4DDB-B13B-7B05208477AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.013:*:*:*:*:*:*:*",
"matchCriteriaId": "1A5EA901-CD07-464B-8EB0-8F845EDABAA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.014:*:*:*:*:*:*:*",
"matchCriteriaId": "92B2611A-D7CF-441A-BA60-F27CF28BEB3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.015:*:*:*:*:*:*:*",
"matchCriteriaId": "7139C2FC-4DA3-4193-B130-05524EB97C69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.016:*:*:*:*:*:*:*",
"matchCriteriaId": "C78B7FD6-2433-4EAA-8B3E-0507F81D54FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.017:*:*:*:*:*:*:*",
"matchCriteriaId": "1B8B058B-F517-46C4-AC05-8EC258E38A75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF16E400-930E-4845-BB23-ED1217505302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8CFAF9C8-DB67-446E-B63C-530CB0C170B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "08F30383-D23F-4CA5-BC02-7716398BC042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7ADEF40C-4C56-4893-B757-15966ED5A925",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FE40F5BA-6174-4959-BFD1-CCECAB138009",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "EA6DCAFE-CAC2-4B36-B3E1-FA2B490424EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "430C8E86-F7CA-4217-A3C1-71CBE5CAB825",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "D35AD18C-CA58-4DFC-A60F-49B698607B33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "B219EBD1-B0E9-4599-B633-AA4C227E5854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "81249BA3-3D1D-4388-BE8D-28AB5CA3AFF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "771D029C-9F4A-41F9-8F86-F1B1BD38B329",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "F32956E6-A13B-4663-BBC9-FEB08A1DCC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "1AABE2F0-FEC1-4BDE-B1C0-92FF2CEA48E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "652F54CA-1CCA-4BC9-8728-A0F6FABF8817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.51:*:*:*:*:*:*:*",
"matchCriteriaId": "269BCB9D-9AEF-40E2-8291-50EC2A083775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.52:*:*:*:*:*:*:*",
"matchCriteriaId": "88435083-D7A8-4679-BEB1-4B6526454C3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.53:*:*:*:*:*:*:*",
"matchCriteriaId": "145A8B1A-573D-4695-B66A-FF8EA2556DC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.54:*:*:*:*:*:*:*",
"matchCriteriaId": "C9572349-9433-415F-B81B-10A1375AF33F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.72:*:*:*:*:*:*:*",
"matchCriteriaId": "6F4AADE9-F3FB-4272-8026-58FC677D3F3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.73:*:*:*:*:*:*:*",
"matchCriteriaId": "9DD53801-B8F7-4AE8-BA2B-AC6297340CB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.82:*:*:*:*:*:*:*",
"matchCriteriaId": "4F785125-F530-4674-B2B3-0D97E8397391",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.83:*:*:*:*:*:*:*",
"matchCriteriaId": "5F59A308-7D1A-4C4F-A34C-27FDCF12E3C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.84:*:*:*:*:*:*:*",
"matchCriteriaId": "201B610A-DD27-48D2-A3EF-DFEBBDEA04BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.101:*:*:*:*:*:*:*",
"matchCriteriaId": "652E1512-B1B1-44B5-93CF-9C526B95BA38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.102:*:*:*:*:*:*:*",
"matchCriteriaId": "2835FBA2-79E4-4541-913C-21BAD3320D55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.103:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9449E3-1CEA-40AF-BD00-94B56E38AF5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.104:*:*:*:*:*:*:*",
"matchCriteriaId": "39724984-2A10-441F-A103-2DFA693F4F19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.105:*:*:*:*:*:*:*",
"matchCriteriaId": "D01DB7FF-7171-43D2-96F3-E5C0AABA4877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.106:*:*:*:*:*:*:*",
"matchCriteriaId": "77B95FCC-55C7-4B44-B8C7-85792C7E91BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.107:*:*:*:*:*:*:*",
"matchCriteriaId": "16E07556-02E5-42FA-9338-3176EB2ED536",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.108:*:*:*:*:*:*:*",
"matchCriteriaId": "539C5F71-83FC-455C-8180-72C9F1E2C4A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.109:*:*:*:*:*:*:*",
"matchCriteriaId": "C1C4D762-BF84-4734-B9AD-ED9F3FB85D0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.110:*:*:*:*:*:*:*",
"matchCriteriaId": "B6B410FC-650E-4E51-8634-D99113E8B1AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.111:*:*:*:*:*:*:*",
"matchCriteriaId": "45C6B358-93A6-4A9A-B284-9DFA9C981620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.112:*:*:*:*:*:*:*",
"matchCriteriaId": "2638B249-E955-48B3-A309-EF92737E015D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.113:*:*:*:*:*:*:*",
"matchCriteriaId": "2F275DA6-7799-4B51-8F9C-DD23E8A3C5AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.114:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB961BA-8FAB-4FC5-B582-AF758E7D0E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.115:*:*:*:*:*:*:*",
"matchCriteriaId": "A400F721-435F-4EBA-8BC2-92E4769A35A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.116:*:*:*:*:*:*:*",
"matchCriteriaId": "61206A1A-FF1A-4A45-8952-509168BD8495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4FD7082-AC93-426F-9DA7-50CBFFDAC07A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0576FE-F0BC-4DA7-B007-7DA49F369700",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B2826B3D-44E0-4D4B-A681-8C3DADF522F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.32:*:*:*:*:*:*:*",
"matchCriteriaId": "662AEDE4-698E-4C78-93B4-4B915749DF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.33:*:*:*:*:*:*:*",
"matchCriteriaId": "87E5107B-BDC2-4972-A3A4-AA6782E46B0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.34:*:*:*:*:*:*:*",
"matchCriteriaId": "6739BEA4-C75F-476E-AF5D-449D8236E042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.35:*:*:*:*:*:*:*",
"matchCriteriaId": "7FD0D1C2-A067-4F86-9179-ED1C263BE5B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.351:*:*:*:*:*:*:*",
"matchCriteriaId": "6FBA085C-8A89-4625-9811-AF1B615F5939",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Professional before 2.37 allow remote attackers to inject arbitrary Javascript script via (1) e-mail messages and (2) the ID parameter to (a) right.asp, (b) Forms/MAI/list.asp, and (c) Forms/VCF/list.asp in mewebmail/base/default/lang/EN/."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en MailEnable Professional versiones anteriores a 2.37 permite a atacantes remotos inyectar scripts Javascript de su elecci\u00f3n mediante (1) mensajes de correo electr\u00f3nico y (2) el par\u00e1metro ID en(a) right.asp, (b) Forms/MAI/list.asp, y (c) Forms/VCF/list.asp en mewebmail/base/default/lang/EN/."
}
],
"id": "CVE-2007-0651",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2007-02-15T23:28:00.000",
"references": [
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://osvdb.org/33188"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://osvdb.org/33189"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://osvdb.org/33190"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23998"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-38/advisory/"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://securityreason.com/securityalert/2258"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.mailenable.com/Professional20-ReleaseNotes.txt"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/archive/1/460063/100/0/threaded"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/bid/22554"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.vupen.com/english/advisories/2007/0595"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32476"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32480"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/33188"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/33189"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/33190"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23998"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-38/advisory/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/2258"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mailenable.com/Professional20-ReleaseNotes.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/460063/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/22554"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/0595"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32476"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32480"
}
],
"sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2006-6964
Vulnerability from fkie_nvd - Published: 2007-01-29 16:28 - Updated: 2025-04-09 00:30
Severity ?
Summary
MailEnable Professional before 1.78 provides a cleartext user password when an administrator edits the user's settings, which allows remote authenticated administrators to obtain sensitive information by viewing the HTML source.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mailenable | mailenable_professional | 1.7 | |
| mailenable | mailenable_professional | 1.71 | |
| mailenable | mailenable_professional | 1.72 | |
| mailenable | mailenable_professional | 1.73 | |
| mailenable | mailenable_professional | 1.74 | |
| mailenable | mailenable_professional | 1.75 | |
| mailenable | mailenable_professional | 1.76 | |
| mailenable | mailenable_professional | 1.77 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "EA6DCAFE-CAC2-4B36-B3E1-FA2B490424EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.71:*:*:*:*:*:*:*",
"matchCriteriaId": "93A9222A-6F22-40BD-8411-69A90E8E46AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.72:*:*:*:*:*:*:*",
"matchCriteriaId": "6F4AADE9-F3FB-4272-8026-58FC677D3F3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.73:*:*:*:*:*:*:*",
"matchCriteriaId": "9DD53801-B8F7-4AE8-BA2B-AC6297340CB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.74:*:*:*:*:*:*:*",
"matchCriteriaId": "9100CDEC-AD30-4CE0-9772-BF0524EDBB01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.75:*:*:*:*:*:*:*",
"matchCriteriaId": "C88089AF-34E8-40DA-9F1A-48F50C6B8A6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.76:*:*:*:*:*:*:*",
"matchCriteriaId": "F7FA2C5E-A638-485B-969E-445C7B88D1CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.77:*:*:*:*:*:*:*",
"matchCriteriaId": "80D3BFCC-4CF3-4FEB-844B-B6D092FCFD4E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "MailEnable Professional before 1.78 provides a cleartext user password when an administrator edits the user\u0027s settings, which allows remote authenticated administrators to obtain sensitive information by viewing the HTML source."
},
{
"lang": "es",
"value": "MailEnable Professional anterior a 1.78 proporciona una contrase\u00f1a de usuario en texto claro cuando un administrador edita la configuraci\u00f3n del usuario, lo cual permite a administradores autenticados remotamente obtener informaci\u00f3n sensible viendo el c\u00f3digo fuente HTML."
}
],
"id": "CVE-2006-6964",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-01-29T16:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1016337"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mailenable.com/Professional1-ReleaseNotes.txt"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27185"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1016337"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mailenable.com/Professional1-ReleaseNotes.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27185"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2006-6605
Vulnerability from fkie_nvd - Published: 2006-12-19 19:28 - Updated: 2025-04-09 00:30
Severity ?
Summary
Stack-based buffer overflow in the POP service in MailEnable Standard 1.98 and earlier; Professional 1.84, and 2.35 and earlier; and Enterprise 1.41, and 2.35 and earlier before ME-10026 allows remote attackers to execute arbitrary code via a long argument to the PASS command.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mailenable | mailenable_enterprise | * | |
| mailenable | mailenable_enterprise | 1.41 | |
| mailenable | mailenable_professional | * | |
| mailenable | mailenable_professional | 1.84 | |
| mailenable | mailenable_standard | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D4ECC9C-9D19-41F8-8A9A-86CDAAF591AB",
"versionEndIncluding": "2.35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.41:*:*:*:*:*:*:*",
"matchCriteriaId": "D83D1EA7-A3D6-41AA-B922-18885328D292",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7173C4E7-ACB7-4277-B4E8-79E655B97EEF",
"versionEndIncluding": "2.35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.84:*:*:*:*:*:*:*",
"matchCriteriaId": "201B610A-DD27-48D2-A3EF-DFEBBDEA04BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_standard:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAE8D3D-FF57-49B1-AE03-3ADB815A5DE8",
"versionEndIncluding": "1.98",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the POP service in MailEnable Standard 1.98 and earlier; Professional 1.84, and 2.35 and earlier; and Enterprise 1.41, and 2.35 and earlier before ME-10026 allows remote attackers to execute arbitrary code via a long argument to the PASS command."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en el servicio POP de MailEnable Standard 1.98 y anteriores ; Professional 1.84, y 2.35 y anteriores; y Enterprise 1.41, y 2.35 y anteriores a ME-10026 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un argumento largo al comando PASS."
}
],
"id": "CVE-2006-6605",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-12-19T19:28:00.000",
"references": [
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23127"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2006-75/advisory/"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://securityreason.com/securityalert/2053"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://securitytracker.com/id?1017395"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Patch"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/archive/1/454713/100/0/threaded"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/bid/21645"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.vupen.com/english/advisories/2006/5052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23127"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2006-75/advisory/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/2053"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017395"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/454713/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/21645"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/5052"
}
],
"sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2006-6484
Vulnerability from fkie_nvd - Published: 2006-12-12 20:28 - Updated: 2025-04-09 00:30
Severity ?
Summary
The IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.34, Professional Edition 1.6 through 1.83, and Enterprise Edition 1.1 through 1.40 allows remote attackers to cause a denial of service (crash) via unspecified vectors that trigger a null pointer dereference, as addressed by the ME-10023 hotfix, and a different issue than CVE-2006-6423. NOTE: some details were obtained from third party information.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://secunia.com/advisories/23267 | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.mailenable.com/hotfix/ | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/21493 | Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/30797 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/23267 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mailenable.com/hotfix/ | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/21493 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/30797 |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "45540A37-2CBF-453F-8EFF-696B9318499F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "39F83EAD-9296-4A24-BF7F-905CC93FEADD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BB6FB230-80C5-4B8D-898E-8C298B2207C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A640E156-FF31-48E6-9D98-E2E669C01C0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "04B96ED6-16EB-42A4-BDC6-0EE45EA38B62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "455DD7A6-A83E-4200-B41B-505118FE8E14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "7A5462F1-B6D9-43F0-982C-2E4534E79E02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "3248B134-BF1F-4109-A0DC-DF9A01CC8156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "849A1A19-83BA-4984-947B-C47DAA515908",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "8E3C2B12-AF3A-44D9-9C91-58F4AB1FE188",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "71A25D16-21ED-4EAD-A535-6000E77ECF35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "E7BAC3EA-3267-4AE2-A172-3B8D63B09B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "DC5AC063-9D7B-45A2-9D90-B85E2DFBB6F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "CD73FDB9-4A1E-4A8A-A541-21C7726A152C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.24:*:*:*:*:*:*:*",
"matchCriteriaId": "1491392B-467F-4CA0-B6D7-2A7478C4DFA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.25:*:*:*:*:*:*:*",
"matchCriteriaId": "4C3F71BC-639F-4966-B05D-5E3BB9C5FA3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.26:*:*:*:*:*:*:*",
"matchCriteriaId": "056C7707-A07C-4F4A-8390-97885581802F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.27:*:*:*:*:*:*:*",
"matchCriteriaId": "0025F745-D34D-4275-9A3B-5530B7A0A520",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.28:*:*:*:*:*:*:*",
"matchCriteriaId": "AFB9ECA3-FFF5-447D-B685-666669410D7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.29:*:*:*:*:*:*:*",
"matchCriteriaId": "B56A4283-E0DB-42CE-9551-FC3DBC7E50A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.30:*:*:*:*:*:*:*",
"matchCriteriaId": "F80F2B0F-8461-47C3-A07A-98681D255478",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.31:*:*:*:*:*:*:*",
"matchCriteriaId": "D2E1599A-9928-4A06-B650-1238D62CD2C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.32:*:*:*:*:*:*:*",
"matchCriteriaId": "E07825D6-EBA0-42B5-BE18-DA3D440A986D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.33:*:*:*:*:*:*:*",
"matchCriteriaId": "3C153370-5AD2-4020-9656-5BDD7644F692",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.34:*:*:*:*:*:*:*",
"matchCriteriaId": "50451621-1AF5-4A17-9355-62D78DDAE7A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.35:*:*:*:*:*:*:*",
"matchCriteriaId": "EC62336F-5F8F-4FF7-B2FB-CBBBAEC77162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.36:*:*:*:*:*:*:*",
"matchCriteriaId": "75BF5AF2-FAD4-48B4-B893-035F5A82A58D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.37:*:*:*:*:*:*:*",
"matchCriteriaId": "C4F5CF79-543F-4ECA-B5A3-5212A1D0A18E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.38:*:*:*:*:*:*:*",
"matchCriteriaId": "D80141E2-F98C-458C-BAFB-8272BD2BBE4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.39:*:*:*:*:*:*:*",
"matchCriteriaId": "CCA17BD7-A9FC-4FA3-88D4-38D9BD197963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.40:*:*:*:*:*:*:*",
"matchCriteriaId": "393240E7-FE4F-4535-B5F0-6609F4A01646",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5ABEB364-389B-46AF-B04F-88EC3AF9DB8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "35DD2182-B2D2-4BFB-BEE9-A9F0F8666791",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C72359EA-1289-456C-BEB0-F7C910DE1A2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:2.32:*:*:*:*:*:*:*",
"matchCriteriaId": "84ACF997-81AF-45EC-9200-2C63B37D93D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:2.33:*:*:*:*:*:*:*",
"matchCriteriaId": "1DC2DF4F-7D02-4BCE-BD59-5482EFF9262C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:2.34:*:*:*:*:*:*:*",
"matchCriteriaId": "E3FEF237-35BB-4298-B458-B933472D028B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FE40F5BA-6174-4959-BFD1-CCECAB138009",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "EA6DCAFE-CAC2-4B36-B3E1-FA2B490424EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.72:*:*:*:*:*:*:*",
"matchCriteriaId": "6F4AADE9-F3FB-4272-8026-58FC677D3F3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.73:*:*:*:*:*:*:*",
"matchCriteriaId": "9DD53801-B8F7-4AE8-BA2B-AC6297340CB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.82:*:*:*:*:*:*:*",
"matchCriteriaId": "4F785125-F530-4674-B2B3-0D97E8397391",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.83:*:*:*:*:*:*:*",
"matchCriteriaId": "5F59A308-7D1A-4C4F-A34C-27FDCF12E3C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4FD7082-AC93-426F-9DA7-50CBFFDAC07A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0576FE-F0BC-4DA7-B007-7DA49F369700",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B2826B3D-44E0-4D4B-A681-8C3DADF522F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.32:*:*:*:*:*:*:*",
"matchCriteriaId": "662AEDE4-698E-4C78-93B4-4B915749DF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.33:*:*:*:*:*:*:*",
"matchCriteriaId": "87E5107B-BDC2-4972-A3A4-AA6782E46B0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.34:*:*:*:*:*:*:*",
"matchCriteriaId": "6739BEA4-C75F-476E-AF5D-449D8236E042",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.34, Professional Edition 1.6 through 1.83, and Enterprise Edition 1.1 through 1.40 allows remote attackers to cause a denial of service (crash) via unspecified vectors that trigger a null pointer dereference, as addressed by the ME-10023 hotfix, and a different issue than CVE-2006-6423. NOTE: some details were obtained from third party information."
},
{
"lang": "es",
"value": "El servicio IMAP para el MailEnable Professional y Enterprise Edition de la 2.0 a la 2.34 inclusive, Professional Edition de la 1.6 a la 1.83 inclusive, and Enterprise Edition de la 1.1 a la 1.40 inclusive, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) mediante vectores sin especificar que disparan una referencia a un puntero nulo, como la tratada en el ME-10023 hotfix y diferente a la CVE-2006-6423. NOTA: algunos detalles se obtienen a partir de la informaci\u00f3n de terceros."
}
],
"id": "CVE-2006-6484",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-12-12T20:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23267"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/21493"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30797"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23267"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/21493"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30797"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2006-6423
Vulnerability from fkie_nvd - Published: 2006-12-12 02:28 - Updated: 2025-04-09 00:30
Severity ?
Summary
Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.35, Professional Edition 1.6 through 1.84, and Enterprise Edition 1.1 through 1.41 allows remote attackers to execute arbitrary code via a pre-authentication command followed by a crafted parameter and a long string, as addressed by the ME-10025 hotfix.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "45540A37-2CBF-453F-8EFF-696B9318499F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "39F83EAD-9296-4A24-BF7F-905CC93FEADD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BB6FB230-80C5-4B8D-898E-8C298B2207C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A640E156-FF31-48E6-9D98-E2E669C01C0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "04B96ED6-16EB-42A4-BDC6-0EE45EA38B62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "455DD7A6-A83E-4200-B41B-505118FE8E14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "7A5462F1-B6D9-43F0-982C-2E4534E79E02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "3248B134-BF1F-4109-A0DC-DF9A01CC8156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "849A1A19-83BA-4984-947B-C47DAA515908",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "8E3C2B12-AF3A-44D9-9C91-58F4AB1FE188",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "71A25D16-21ED-4EAD-A535-6000E77ECF35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "E7BAC3EA-3267-4AE2-A172-3B8D63B09B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "DC5AC063-9D7B-45A2-9D90-B85E2DFBB6F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "CD73FDB9-4A1E-4A8A-A541-21C7726A152C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.24:*:*:*:*:*:*:*",
"matchCriteriaId": "1491392B-467F-4CA0-B6D7-2A7478C4DFA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.25:*:*:*:*:*:*:*",
"matchCriteriaId": "4C3F71BC-639F-4966-B05D-5E3BB9C5FA3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.26:*:*:*:*:*:*:*",
"matchCriteriaId": "056C7707-A07C-4F4A-8390-97885581802F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.27:*:*:*:*:*:*:*",
"matchCriteriaId": "0025F745-D34D-4275-9A3B-5530B7A0A520",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.28:*:*:*:*:*:*:*",
"matchCriteriaId": "AFB9ECA3-FFF5-447D-B685-666669410D7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.29:*:*:*:*:*:*:*",
"matchCriteriaId": "B56A4283-E0DB-42CE-9551-FC3DBC7E50A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.30:*:*:*:*:*:*:*",
"matchCriteriaId": "F80F2B0F-8461-47C3-A07A-98681D255478",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.31:*:*:*:*:*:*:*",
"matchCriteriaId": "D2E1599A-9928-4A06-B650-1238D62CD2C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.32:*:*:*:*:*:*:*",
"matchCriteriaId": "E07825D6-EBA0-42B5-BE18-DA3D440A986D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.33:*:*:*:*:*:*:*",
"matchCriteriaId": "3C153370-5AD2-4020-9656-5BDD7644F692",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.34:*:*:*:*:*:*:*",
"matchCriteriaId": "50451621-1AF5-4A17-9355-62D78DDAE7A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.35:*:*:*:*:*:*:*",
"matchCriteriaId": "EC62336F-5F8F-4FF7-B2FB-CBBBAEC77162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.36:*:*:*:*:*:*:*",
"matchCriteriaId": "75BF5AF2-FAD4-48B4-B893-035F5A82A58D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.37:*:*:*:*:*:*:*",
"matchCriteriaId": "C4F5CF79-543F-4ECA-B5A3-5212A1D0A18E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.38:*:*:*:*:*:*:*",
"matchCriteriaId": "D80141E2-F98C-458C-BAFB-8272BD2BBE4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.39:*:*:*:*:*:*:*",
"matchCriteriaId": "CCA17BD7-A9FC-4FA3-88D4-38D9BD197963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.40:*:*:*:*:*:*:*",
"matchCriteriaId": "393240E7-FE4F-4535-B5F0-6609F4A01646",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.41:*:*:*:*:*:*:*",
"matchCriteriaId": "D83D1EA7-A3D6-41AA-B922-18885328D292",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:2.35:*:*:*:*:*:*:*",
"matchCriteriaId": "B0743346-9637-498F-BAAF-B193E41A7927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.84:*:*:*:*:*:*:*",
"matchCriteriaId": "201B610A-DD27-48D2-A3EF-DFEBBDEA04BA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.35, Professional Edition 1.6 through 1.84, and Enterprise Edition 1.1 through 1.41 allows remote attackers to execute arbitrary code via a pre-authentication command followed by a crafted parameter and a long string, as addressed by the ME-10025 hotfix."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en el servicio IMAP para MailEnable Professional y Enterprise Edition 2.0 hasta 2.35, Professional Edition 1.6 hasta 1.84, y Enterprise Edition 1.1 hasta 1.41 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un comando de pre-autenticaci\u00f3n seguido de un par\u00e1metro manipulado y una cadena larga como se indica en la actualizaci\u00f3n r\u00e1pida (hotfix) ME-10025"
}
],
"id": "CVE-2006-6423",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-12-12T02:28:00.000",
"references": [
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://secunia.com/advisories/23201"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2006-73/advisory/"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://securityreason.com/securityalert/2022"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/archive/1/454075/100/0/threaded"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/bid/21492"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30796"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2006-73/advisory/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/2022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/454075/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/21492"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30796"
}
],
"sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2008-1275 (GCVE-0-2008-1275)
Vulnerability from cvelistv5 – Published: 2008-03-10 23:00 – Updated: 2024-08-07 08:17
VLAI?
Summary
Multiple unspecified vulnerabilities in the SMTP service in MailEnable Standard Edition 1.x, Professional Edition 3.x and earlier, and Enterprise Edition 3.x and earlier allow remote attackers to cause a denial of service (crash) via crafted (1) EXPN or (2) VRFY commands.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:17:34.526Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "5235",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5235"
},
{
"name": "mailenable-expn-vrfy-dos(41083)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41083"
},
{
"name": "28154",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28154"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "ADV-2008-0800",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0800/references"
},
{
"name": "29300",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29300"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the SMTP service in MailEnable Standard Edition 1.x, Professional Edition 3.x and earlier, and Enterprise Edition 3.x and earlier allow remote attackers to cause a denial of service (crash) via crafted (1) EXPN or (2) VRFY commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "5235",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5235"
},
{
"name": "mailenable-expn-vrfy-dos(41083)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41083"
},
{
"name": "28154",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28154"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "ADV-2008-0800",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0800/references"
},
{
"name": "29300",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29300"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1275",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in the SMTP service in MailEnable Standard Edition 1.x, Professional Edition 3.x and earlier, and Enterprise Edition 3.x and earlier allow remote attackers to cause a denial of service (crash) via crafted (1) EXPN or (2) VRFY commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "5235",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5235"
},
{
"name": "mailenable-expn-vrfy-dos(41083)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41083"
},
{
"name": "28154",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28154"
},
{
"name": "http://www.mailenable.com/hotfix/",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "ADV-2008-0800",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0800/references"
},
{
"name": "29300",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29300"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1275",
"datePublished": "2008-03-10T23:00:00",
"dateReserved": "2008-03-10T00:00:00",
"dateUpdated": "2024-08-07T08:17:34.526Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1277 (GCVE-0-2008-1277)
Vulnerability from cvelistv5 – Published: 2008-03-10 23:00 – Updated: 2024-08-07 08:17
VLAI?
Summary
The IMAP service (MEIMAPS.exe) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allows remote attackers to cause a denial of service (crash) via (1) SEARCH and (2) APPEND commands without required arguments, which triggers a NULL pointer dereference.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:17:34.437Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "29277",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29277"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/maildisable-adv.txt"
},
{
"name": "ADV-2008-0799",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0799/references"
},
{
"name": "3724",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3724"
},
{
"name": "20080307 Multiple vulnerabilities in MailEnable Professional/Enterprise 3.13",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/489270/100/0/threaded"
},
{
"name": "1019565",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019565"
},
{
"name": "28145",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28145"
},
{
"name": "mailenable-imapservice-dos(41059)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41059"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The IMAP service (MEIMAPS.exe) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allows remote attackers to cause a denial of service (crash) via (1) SEARCH and (2) APPEND commands without required arguments, which triggers a NULL pointer dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "29277",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29277"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/maildisable-adv.txt"
},
{
"name": "ADV-2008-0799",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0799/references"
},
{
"name": "3724",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3724"
},
{
"name": "20080307 Multiple vulnerabilities in MailEnable Professional/Enterprise 3.13",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/489270/100/0/threaded"
},
{
"name": "1019565",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019565"
},
{
"name": "28145",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28145"
},
{
"name": "mailenable-imapservice-dos(41059)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41059"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1277",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The IMAP service (MEIMAPS.exe) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allows remote attackers to cause a denial of service (crash) via (1) SEARCH and (2) APPEND commands without required arguments, which triggers a NULL pointer dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "29277",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29277"
},
{
"name": "http://aluigi.altervista.org/adv/maildisable-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/maildisable-adv.txt"
},
{
"name": "ADV-2008-0799",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0799/references"
},
{
"name": "3724",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3724"
},
{
"name": "20080307 Multiple vulnerabilities in MailEnable Professional/Enterprise 3.13",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/489270/100/0/threaded"
},
{
"name": "1019565",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019565"
},
{
"name": "28145",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28145"
},
{
"name": "mailenable-imapservice-dos(41059)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41059"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1277",
"datePublished": "2008-03-10T23:00:00",
"dateReserved": "2008-03-10T00:00:00",
"dateUpdated": "2024-08-07T08:17:34.437Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1276 (GCVE-0-2008-1276)
Vulnerability from cvelistv5 – Published: 2008-03-10 23:00 – Updated: 2024-08-07 08:17
VLAI?
Summary
Multiple buffer overflows in the IMAP service (MEIMAPS.EXE) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allow remote authenticated attackers to execute arbitrary code via long arguments to the (1) FETCH, (2) EXAMINE, and (3) UNSUBSCRIBE commands.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:17:33.548Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "29277",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29277"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/maildisable-adv.txt"
},
{
"name": "5249",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5249"
},
{
"name": "ADV-2008-0799",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0799/references"
},
{
"name": "3724",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3724"
},
{
"name": "20080307 Multiple vulnerabilities in MailEnable Professional/Enterprise 3.13",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/489270/100/0/threaded"
},
{
"name": "1019565",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019565"
},
{
"name": "28145",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28145"
},
{
"name": "mailenable-imapservice-bo(41058)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41058"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the IMAP service (MEIMAPS.EXE) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allow remote authenticated attackers to execute arbitrary code via long arguments to the (1) FETCH, (2) EXAMINE, and (3) UNSUBSCRIBE commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "29277",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29277"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/maildisable-adv.txt"
},
{
"name": "5249",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5249"
},
{
"name": "ADV-2008-0799",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0799/references"
},
{
"name": "3724",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3724"
},
{
"name": "20080307 Multiple vulnerabilities in MailEnable Professional/Enterprise 3.13",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/489270/100/0/threaded"
},
{
"name": "1019565",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019565"
},
{
"name": "28145",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28145"
},
{
"name": "mailenable-imapservice-bo(41058)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41058"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1276",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in the IMAP service (MEIMAPS.EXE) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allow remote authenticated attackers to execute arbitrary code via long arguments to the (1) FETCH, (2) EXAMINE, and (3) UNSUBSCRIBE commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "29277",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29277"
},
{
"name": "http://aluigi.altervista.org/adv/maildisable-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/maildisable-adv.txt"
},
{
"name": "5249",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5249"
},
{
"name": "ADV-2008-0799",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0799/references"
},
{
"name": "3724",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3724"
},
{
"name": "20080307 Multiple vulnerabilities in MailEnable Professional/Enterprise 3.13",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/489270/100/0/threaded"
},
{
"name": "1019565",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019565"
},
{
"name": "28145",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28145"
},
{
"name": "mailenable-imapservice-bo(41058)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41058"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1276",
"datePublished": "2008-03-10T23:00:00",
"dateReserved": "2008-03-10T00:00:00",
"dateUpdated": "2024-08-07T08:17:33.548Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1301 (GCVE-0-2007-1301)
Vulnerability from cvelistv5 – Published: 2007-03-07 00:00 – Updated: 2024-08-07 12:50
VLAI?
Summary
Stack-based buffer overflow in the IMAP service in MailEnable Enterprise and Professional Editions 2.37 and earlier allows remote authenticated users to execute arbitrary code via a long argument to the APPEND command. NOTE: this is probably different than CVE-2006-6423.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:50:35.259Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-0811",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0811"
},
{
"name": "mailenable-append-bo(32801)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32801"
},
{
"name": "24361",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24361"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "22792",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22792"
},
{
"name": "1017739",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017739"
},
{
"name": "3397",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/3397"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the IMAP service in MailEnable Enterprise and Professional Editions 2.37 and earlier allows remote authenticated users to execute arbitrary code via a long argument to the APPEND command. NOTE: this is probably different than CVE-2006-6423."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-0811",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0811"
},
{
"name": "mailenable-append-bo(32801)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32801"
},
{
"name": "24361",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24361"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "22792",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22792"
},
{
"name": "1017739",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017739"
},
{
"name": "3397",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/3397"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1301",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the IMAP service in MailEnable Enterprise and Professional Editions 2.37 and earlier allows remote authenticated users to execute arbitrary code via a long argument to the APPEND command. NOTE: this is probably different than CVE-2006-6423."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-0811",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0811"
},
{
"name": "mailenable-append-bo(32801)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32801"
},
{
"name": "24361",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24361"
},
{
"name": "http://www.mailenable.com/hotfix/",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "22792",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22792"
},
{
"name": "1017739",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017739"
},
{
"name": "3397",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3397"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1301",
"datePublished": "2007-03-07T00:00:00",
"dateReserved": "2007-03-06T00:00:00",
"dateUpdated": "2024-08-07T12:50:35.259Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0652 (GCVE-0-2007-0652)
Vulnerability from cvelistv5 – Published: 2007-02-15 23:00 – Updated: 2024-08-07 12:26
VLAI?
Summary
Cross-site request forgery (CSRF) vulnerability in MailEnable Professional before 2.37 allows remote attackers to modify arbitrary configurations and perform unauthorized actions as arbitrary users via a link or IMG tag.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:26:54.322Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "2258",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2258"
},
{
"name": "23998",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23998"
},
{
"name": "20070214 Secunia Research: MailEnable Web Mail Client MultipleVulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/460063/100/0/threaded"
},
{
"name": "33191",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33191"
},
{
"name": "ADV-2007-0595",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0595"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2007-38/advisory/"
},
{
"name": "22554",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22554"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in MailEnable Professional before 2.37 allows remote attackers to modify arbitrary configurations and perform unauthorized actions as arbitrary users via a link or IMG tag."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "2258",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2258"
},
{
"name": "23998",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23998"
},
{
"name": "20070214 Secunia Research: MailEnable Web Mail Client MultipleVulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/460063/100/0/threaded"
},
{
"name": "33191",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33191"
},
{
"name": "ADV-2007-0595",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0595"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2007-38/advisory/"
},
{
"name": "22554",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22554"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2007-0652",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in MailEnable Professional before 2.37 allows remote attackers to modify arbitrary configurations and perform unauthorized actions as arbitrary users via a link or IMG tag."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2258",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2258"
},
{
"name": "23998",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23998"
},
{
"name": "20070214 Secunia Research: MailEnable Web Mail Client MultipleVulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/460063/100/0/threaded"
},
{
"name": "33191",
"refsource": "OSVDB",
"url": "http://osvdb.org/33191"
},
{
"name": "ADV-2007-0595",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0595"
},
{
"name": "http://secunia.com/secunia_research/2007-38/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2007-38/advisory/"
},
{
"name": "22554",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22554"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2007-0652",
"datePublished": "2007-02-15T23:00:00",
"dateReserved": "2007-02-01T00:00:00",
"dateUpdated": "2024-08-07T12:26:54.322Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0651 (GCVE-0-2007-0651)
Vulnerability from cvelistv5 – Published: 2007-02-15 23:00 – Updated: 2024-08-07 12:26
VLAI?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Professional before 2.37 allow remote attackers to inject arbitrary Javascript script via (1) e-mail messages and (2) the ID parameter to (a) right.asp, (b) Forms/MAI/list.asp, and (c) Forms/VCF/list.asp in mewebmail/base/default/lang/EN/.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:26:54.317Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "2258",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2258"
},
{
"name": "23998",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23998"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/Professional20-ReleaseNotes.txt"
},
{
"name": "33189",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33189"
},
{
"name": "33190",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33190"
},
{
"name": "mailenable-id-xss(32480)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32480"
},
{
"name": "20070214 Secunia Research: MailEnable Web Mail Client MultipleVulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/460063/100/0/threaded"
},
{
"name": "33188",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33188"
},
{
"name": "ADV-2007-0595",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0595"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2007-38/advisory/"
},
{
"name": "mailenable-email-messages-xss(32476)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32476"
},
{
"name": "22554",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22554"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Professional before 2.37 allow remote attackers to inject arbitrary Javascript script via (1) e-mail messages and (2) the ID parameter to (a) right.asp, (b) Forms/MAI/list.asp, and (c) Forms/VCF/list.asp in mewebmail/base/default/lang/EN/."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "2258",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2258"
},
{
"name": "23998",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23998"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/Professional20-ReleaseNotes.txt"
},
{
"name": "33189",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33189"
},
{
"name": "33190",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33190"
},
{
"name": "mailenable-id-xss(32480)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32480"
},
{
"name": "20070214 Secunia Research: MailEnable Web Mail Client MultipleVulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/460063/100/0/threaded"
},
{
"name": "33188",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33188"
},
{
"name": "ADV-2007-0595",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0595"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2007-38/advisory/"
},
{
"name": "mailenable-email-messages-xss(32476)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32476"
},
{
"name": "22554",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22554"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2007-0651",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Professional before 2.37 allow remote attackers to inject arbitrary Javascript script via (1) e-mail messages and (2) the ID parameter to (a) right.asp, (b) Forms/MAI/list.asp, and (c) Forms/VCF/list.asp in mewebmail/base/default/lang/EN/."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2258",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2258"
},
{
"name": "23998",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23998"
},
{
"name": "http://www.mailenable.com/Professional20-ReleaseNotes.txt",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/Professional20-ReleaseNotes.txt"
},
{
"name": "33189",
"refsource": "OSVDB",
"url": "http://osvdb.org/33189"
},
{
"name": "33190",
"refsource": "OSVDB",
"url": "http://osvdb.org/33190"
},
{
"name": "mailenable-id-xss(32480)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32480"
},
{
"name": "20070214 Secunia Research: MailEnable Web Mail Client MultipleVulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/460063/100/0/threaded"
},
{
"name": "33188",
"refsource": "OSVDB",
"url": "http://osvdb.org/33188"
},
{
"name": "ADV-2007-0595",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0595"
},
{
"name": "http://secunia.com/secunia_research/2007-38/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2007-38/advisory/"
},
{
"name": "mailenable-email-messages-xss(32476)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32476"
},
{
"name": "22554",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22554"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2007-0651",
"datePublished": "2007-02-15T23:00:00",
"dateReserved": "2007-02-01T00:00:00",
"dateUpdated": "2024-08-07T12:26:54.317Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6964 (GCVE-0-2006-6964)
Vulnerability from cvelistv5 – Published: 2007-01-29 16:00 – Updated: 2024-08-07 20:50
VLAI?
Summary
MailEnable Professional before 1.78 provides a cleartext user password when an administrator edits the user's settings, which allows remote authenticated administrators to obtain sensitive information by viewing the HTML source.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:50:04.616Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/Professional1-ReleaseNotes.txt"
},
{
"name": "1016337",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016337"
},
{
"name": "mailenable-listattachments-pass-disclosure(27185)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27185"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "MailEnable Professional before 1.78 provides a cleartext user password when an administrator edits the user\u0027s settings, which allows remote authenticated administrators to obtain sensitive information by viewing the HTML source."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/Professional1-ReleaseNotes.txt"
},
{
"name": "1016337",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016337"
},
{
"name": "mailenable-listattachments-pass-disclosure(27185)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27185"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6964",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "MailEnable Professional before 1.78 provides a cleartext user password when an administrator edits the user\u0027s settings, which allows remote authenticated administrators to obtain sensitive information by viewing the HTML source."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.mailenable.com/Professional1-ReleaseNotes.txt",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/Professional1-ReleaseNotes.txt"
},
{
"name": "1016337",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016337"
},
{
"name": "mailenable-listattachments-pass-disclosure(27185)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27185"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6964",
"datePublished": "2007-01-29T16:00:00",
"dateReserved": "2007-01-29T00:00:00",
"dateUpdated": "2024-08-07T20:50:04.616Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6605 (GCVE-0-2006-6605)
Vulnerability from cvelistv5 – Published: 2006-12-19 19:00 – Updated: 2024-08-07 20:33
VLAI?
Summary
Stack-based buffer overflow in the POP service in MailEnable Standard 1.98 and earlier; Professional 1.84, and 2.35 and earlier; and Enterprise 1.41, and 2.35 and earlier before ME-10026 allows remote attackers to execute arbitrary code via a long argument to the PASS command.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:33:59.771Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017395",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017395"
},
{
"name": "23127",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23127"
},
{
"name": "2053",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2053"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "21645",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21645"
},
{
"name": "20061218 Secunia Research: MailEnable POP Service \"PASS\" Command BufferOverflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/454713/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2006-75/advisory/"
},
{
"name": "ADV-2006-5052",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/5052"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the POP service in MailEnable Standard 1.98 and earlier; Professional 1.84, and 2.35 and earlier; and Enterprise 1.41, and 2.35 and earlier before ME-10026 allows remote attackers to execute arbitrary code via a long argument to the PASS command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "1017395",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017395"
},
{
"name": "23127",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23127"
},
{
"name": "2053",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2053"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "21645",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21645"
},
{
"name": "20061218 Secunia Research: MailEnable POP Service \"PASS\" Command BufferOverflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/454713/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2006-75/advisory/"
},
{
"name": "ADV-2006-5052",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/5052"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2006-6605",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the POP service in MailEnable Standard 1.98 and earlier; Professional 1.84, and 2.35 and earlier; and Enterprise 1.41, and 2.35 and earlier before ME-10026 allows remote attackers to execute arbitrary code via a long argument to the PASS command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017395",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017395"
},
{
"name": "23127",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23127"
},
{
"name": "2053",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2053"
},
{
"name": "http://www.mailenable.com/hotfix/",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "21645",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21645"
},
{
"name": "20061218 Secunia Research: MailEnable POP Service \"PASS\" Command BufferOverflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/454713/100/0/threaded"
},
{
"name": "http://secunia.com/secunia_research/2006-75/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2006-75/advisory/"
},
{
"name": "ADV-2006-5052",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/5052"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2006-6605",
"datePublished": "2006-12-19T19:00:00",
"dateReserved": "2006-12-17T00:00:00",
"dateUpdated": "2024-08-07T20:33:59.771Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6484 (GCVE-0-2006-6484)
Vulnerability from cvelistv5 – Published: 2006-12-12 20:00 – Updated: 2024-08-07 20:26
VLAI?
Summary
The IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.34, Professional Edition 1.6 through 1.83, and Enterprise Edition 1.1 through 1.40 allows remote attackers to cause a denial of service (crash) via unspecified vectors that trigger a null pointer dereference, as addressed by the ME-10023 hotfix, and a different issue than CVE-2006-6423. NOTE: some details were obtained from third party information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:26:46.583Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "21493",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21493"
},
{
"name": "mailenable-null-imap-dos(30797)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30797"
},
{
"name": "23267",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23267"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/hotfix/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.34, Professional Edition 1.6 through 1.83, and Enterprise Edition 1.1 through 1.40 allows remote attackers to cause a denial of service (crash) via unspecified vectors that trigger a null pointer dereference, as addressed by the ME-10023 hotfix, and a different issue than CVE-2006-6423. NOTE: some details were obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "21493",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21493"
},
{
"name": "mailenable-null-imap-dos(30797)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30797"
},
{
"name": "23267",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23267"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/hotfix/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6484",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.34, Professional Edition 1.6 through 1.83, and Enterprise Edition 1.1 through 1.40 allows remote attackers to cause a denial of service (crash) via unspecified vectors that trigger a null pointer dereference, as addressed by the ME-10023 hotfix, and a different issue than CVE-2006-6423. NOTE: some details were obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "21493",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21493"
},
{
"name": "mailenable-null-imap-dos(30797)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30797"
},
{
"name": "23267",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23267"
},
{
"name": "http://www.mailenable.com/hotfix/",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/hotfix/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6484",
"datePublished": "2006-12-12T20:00:00",
"dateReserved": "2006-12-12T00:00:00",
"dateUpdated": "2024-08-07T20:26:46.583Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6423 (GCVE-0-2006-6423)
Vulnerability from cvelistv5 – Published: 2006-12-12 02:00 – Updated: 2024-08-07 20:26
VLAI?
Summary
Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.35, Professional Edition 1.6 through 1.84, and Enterprise Edition 1.1 through 1.41 allows remote attackers to execute arbitrary code via a pre-authentication command followed by a crafted parameter and a long string, as addressed by the ME-10025 hotfix.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:26:46.508Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2006-73/advisory/"
},
{
"name": "2022",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2022"
},
{
"name": "21492",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21492"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "mailenable-bounds-imap-bo(30796)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30796"
},
{
"name": "23201",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23201"
},
{
"name": "20061211 Secunia Research: MailEnable IMAP Service Buffer OverflowVulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/454075/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.35, Professional Edition 1.6 through 1.84, and Enterprise Edition 1.1 through 1.41 allows remote attackers to execute arbitrary code via a pre-authentication command followed by a crafted parameter and a long string, as addressed by the ME-10025 hotfix."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2006-73/advisory/"
},
{
"name": "2022",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2022"
},
{
"name": "21492",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21492"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "mailenable-bounds-imap-bo(30796)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30796"
},
{
"name": "23201",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23201"
},
{
"name": "20061211 Secunia Research: MailEnable IMAP Service Buffer OverflowVulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/454075/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2006-6423",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.35, Professional Edition 1.6 through 1.84, and Enterprise Edition 1.1 through 1.41 allows remote attackers to execute arbitrary code via a pre-authentication command followed by a crafted parameter and a long string, as addressed by the ME-10025 hotfix."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://secunia.com/secunia_research/2006-73/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2006-73/advisory/"
},
{
"name": "2022",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2022"
},
{
"name": "21492",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21492"
},
{
"name": "http://www.mailenable.com/hotfix/",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "mailenable-bounds-imap-bo(30796)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30796"
},
{
"name": "23201",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23201"
},
{
"name": "20061211 Secunia Research: MailEnable IMAP Service Buffer OverflowVulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/454075/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2006-6423",
"datePublished": "2006-12-12T02:00:00",
"dateReserved": "2006-12-09T00:00:00",
"dateUpdated": "2024-08-07T20:26:46.508Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1275 (GCVE-0-2008-1275)
Vulnerability from nvd – Published: 2008-03-10 23:00 – Updated: 2024-08-07 08:17
VLAI?
Summary
Multiple unspecified vulnerabilities in the SMTP service in MailEnable Standard Edition 1.x, Professional Edition 3.x and earlier, and Enterprise Edition 3.x and earlier allow remote attackers to cause a denial of service (crash) via crafted (1) EXPN or (2) VRFY commands.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:17:34.526Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "5235",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5235"
},
{
"name": "mailenable-expn-vrfy-dos(41083)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41083"
},
{
"name": "28154",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28154"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "ADV-2008-0800",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0800/references"
},
{
"name": "29300",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29300"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the SMTP service in MailEnable Standard Edition 1.x, Professional Edition 3.x and earlier, and Enterprise Edition 3.x and earlier allow remote attackers to cause a denial of service (crash) via crafted (1) EXPN or (2) VRFY commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "5235",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5235"
},
{
"name": "mailenable-expn-vrfy-dos(41083)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41083"
},
{
"name": "28154",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28154"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "ADV-2008-0800",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0800/references"
},
{
"name": "29300",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29300"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1275",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in the SMTP service in MailEnable Standard Edition 1.x, Professional Edition 3.x and earlier, and Enterprise Edition 3.x and earlier allow remote attackers to cause a denial of service (crash) via crafted (1) EXPN or (2) VRFY commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "5235",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5235"
},
{
"name": "mailenable-expn-vrfy-dos(41083)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41083"
},
{
"name": "28154",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28154"
},
{
"name": "http://www.mailenable.com/hotfix/",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "ADV-2008-0800",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0800/references"
},
{
"name": "29300",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29300"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1275",
"datePublished": "2008-03-10T23:00:00",
"dateReserved": "2008-03-10T00:00:00",
"dateUpdated": "2024-08-07T08:17:34.526Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1277 (GCVE-0-2008-1277)
Vulnerability from nvd – Published: 2008-03-10 23:00 – Updated: 2024-08-07 08:17
VLAI?
Summary
The IMAP service (MEIMAPS.exe) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allows remote attackers to cause a denial of service (crash) via (1) SEARCH and (2) APPEND commands without required arguments, which triggers a NULL pointer dereference.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:17:34.437Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "29277",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29277"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/maildisable-adv.txt"
},
{
"name": "ADV-2008-0799",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0799/references"
},
{
"name": "3724",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3724"
},
{
"name": "20080307 Multiple vulnerabilities in MailEnable Professional/Enterprise 3.13",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/489270/100/0/threaded"
},
{
"name": "1019565",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019565"
},
{
"name": "28145",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28145"
},
{
"name": "mailenable-imapservice-dos(41059)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41059"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The IMAP service (MEIMAPS.exe) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allows remote attackers to cause a denial of service (crash) via (1) SEARCH and (2) APPEND commands without required arguments, which triggers a NULL pointer dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "29277",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29277"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/maildisable-adv.txt"
},
{
"name": "ADV-2008-0799",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0799/references"
},
{
"name": "3724",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3724"
},
{
"name": "20080307 Multiple vulnerabilities in MailEnable Professional/Enterprise 3.13",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/489270/100/0/threaded"
},
{
"name": "1019565",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019565"
},
{
"name": "28145",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28145"
},
{
"name": "mailenable-imapservice-dos(41059)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41059"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1277",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The IMAP service (MEIMAPS.exe) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allows remote attackers to cause a denial of service (crash) via (1) SEARCH and (2) APPEND commands without required arguments, which triggers a NULL pointer dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "29277",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29277"
},
{
"name": "http://aluigi.altervista.org/adv/maildisable-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/maildisable-adv.txt"
},
{
"name": "ADV-2008-0799",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0799/references"
},
{
"name": "3724",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3724"
},
{
"name": "20080307 Multiple vulnerabilities in MailEnable Professional/Enterprise 3.13",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/489270/100/0/threaded"
},
{
"name": "1019565",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019565"
},
{
"name": "28145",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28145"
},
{
"name": "mailenable-imapservice-dos(41059)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41059"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1277",
"datePublished": "2008-03-10T23:00:00",
"dateReserved": "2008-03-10T00:00:00",
"dateUpdated": "2024-08-07T08:17:34.437Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1276 (GCVE-0-2008-1276)
Vulnerability from nvd – Published: 2008-03-10 23:00 – Updated: 2024-08-07 08:17
VLAI?
Summary
Multiple buffer overflows in the IMAP service (MEIMAPS.EXE) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allow remote authenticated attackers to execute arbitrary code via long arguments to the (1) FETCH, (2) EXAMINE, and (3) UNSUBSCRIBE commands.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:17:33.548Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "29277",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29277"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/maildisable-adv.txt"
},
{
"name": "5249",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5249"
},
{
"name": "ADV-2008-0799",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0799/references"
},
{
"name": "3724",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3724"
},
{
"name": "20080307 Multiple vulnerabilities in MailEnable Professional/Enterprise 3.13",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/489270/100/0/threaded"
},
{
"name": "1019565",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019565"
},
{
"name": "28145",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28145"
},
{
"name": "mailenable-imapservice-bo(41058)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41058"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the IMAP service (MEIMAPS.EXE) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allow remote authenticated attackers to execute arbitrary code via long arguments to the (1) FETCH, (2) EXAMINE, and (3) UNSUBSCRIBE commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "29277",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29277"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/maildisable-adv.txt"
},
{
"name": "5249",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5249"
},
{
"name": "ADV-2008-0799",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0799/references"
},
{
"name": "3724",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3724"
},
{
"name": "20080307 Multiple vulnerabilities in MailEnable Professional/Enterprise 3.13",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/489270/100/0/threaded"
},
{
"name": "1019565",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019565"
},
{
"name": "28145",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28145"
},
{
"name": "mailenable-imapservice-bo(41058)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41058"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1276",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in the IMAP service (MEIMAPS.EXE) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allow remote authenticated attackers to execute arbitrary code via long arguments to the (1) FETCH, (2) EXAMINE, and (3) UNSUBSCRIBE commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "29277",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29277"
},
{
"name": "http://aluigi.altervista.org/adv/maildisable-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/maildisable-adv.txt"
},
{
"name": "5249",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5249"
},
{
"name": "ADV-2008-0799",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0799/references"
},
{
"name": "3724",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3724"
},
{
"name": "20080307 Multiple vulnerabilities in MailEnable Professional/Enterprise 3.13",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/489270/100/0/threaded"
},
{
"name": "1019565",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019565"
},
{
"name": "28145",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28145"
},
{
"name": "mailenable-imapservice-bo(41058)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41058"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1276",
"datePublished": "2008-03-10T23:00:00",
"dateReserved": "2008-03-10T00:00:00",
"dateUpdated": "2024-08-07T08:17:33.548Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1301 (GCVE-0-2007-1301)
Vulnerability from nvd – Published: 2007-03-07 00:00 – Updated: 2024-08-07 12:50
VLAI?
Summary
Stack-based buffer overflow in the IMAP service in MailEnable Enterprise and Professional Editions 2.37 and earlier allows remote authenticated users to execute arbitrary code via a long argument to the APPEND command. NOTE: this is probably different than CVE-2006-6423.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:50:35.259Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-0811",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0811"
},
{
"name": "mailenable-append-bo(32801)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32801"
},
{
"name": "24361",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24361"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "22792",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22792"
},
{
"name": "1017739",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017739"
},
{
"name": "3397",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/3397"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the IMAP service in MailEnable Enterprise and Professional Editions 2.37 and earlier allows remote authenticated users to execute arbitrary code via a long argument to the APPEND command. NOTE: this is probably different than CVE-2006-6423."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-0811",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0811"
},
{
"name": "mailenable-append-bo(32801)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32801"
},
{
"name": "24361",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24361"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "22792",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22792"
},
{
"name": "1017739",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017739"
},
{
"name": "3397",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/3397"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1301",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the IMAP service in MailEnable Enterprise and Professional Editions 2.37 and earlier allows remote authenticated users to execute arbitrary code via a long argument to the APPEND command. NOTE: this is probably different than CVE-2006-6423."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-0811",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0811"
},
{
"name": "mailenable-append-bo(32801)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32801"
},
{
"name": "24361",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24361"
},
{
"name": "http://www.mailenable.com/hotfix/",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "22792",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22792"
},
{
"name": "1017739",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017739"
},
{
"name": "3397",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3397"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1301",
"datePublished": "2007-03-07T00:00:00",
"dateReserved": "2007-03-06T00:00:00",
"dateUpdated": "2024-08-07T12:50:35.259Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0652 (GCVE-0-2007-0652)
Vulnerability from nvd – Published: 2007-02-15 23:00 – Updated: 2024-08-07 12:26
VLAI?
Summary
Cross-site request forgery (CSRF) vulnerability in MailEnable Professional before 2.37 allows remote attackers to modify arbitrary configurations and perform unauthorized actions as arbitrary users via a link or IMG tag.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:26:54.322Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "2258",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2258"
},
{
"name": "23998",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23998"
},
{
"name": "20070214 Secunia Research: MailEnable Web Mail Client MultipleVulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/460063/100/0/threaded"
},
{
"name": "33191",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33191"
},
{
"name": "ADV-2007-0595",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0595"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2007-38/advisory/"
},
{
"name": "22554",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22554"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in MailEnable Professional before 2.37 allows remote attackers to modify arbitrary configurations and perform unauthorized actions as arbitrary users via a link or IMG tag."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "2258",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2258"
},
{
"name": "23998",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23998"
},
{
"name": "20070214 Secunia Research: MailEnable Web Mail Client MultipleVulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/460063/100/0/threaded"
},
{
"name": "33191",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33191"
},
{
"name": "ADV-2007-0595",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0595"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2007-38/advisory/"
},
{
"name": "22554",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22554"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2007-0652",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in MailEnable Professional before 2.37 allows remote attackers to modify arbitrary configurations and perform unauthorized actions as arbitrary users via a link or IMG tag."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2258",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2258"
},
{
"name": "23998",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23998"
},
{
"name": "20070214 Secunia Research: MailEnable Web Mail Client MultipleVulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/460063/100/0/threaded"
},
{
"name": "33191",
"refsource": "OSVDB",
"url": "http://osvdb.org/33191"
},
{
"name": "ADV-2007-0595",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0595"
},
{
"name": "http://secunia.com/secunia_research/2007-38/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2007-38/advisory/"
},
{
"name": "22554",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22554"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2007-0652",
"datePublished": "2007-02-15T23:00:00",
"dateReserved": "2007-02-01T00:00:00",
"dateUpdated": "2024-08-07T12:26:54.322Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0651 (GCVE-0-2007-0651)
Vulnerability from nvd – Published: 2007-02-15 23:00 – Updated: 2024-08-07 12:26
VLAI?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Professional before 2.37 allow remote attackers to inject arbitrary Javascript script via (1) e-mail messages and (2) the ID parameter to (a) right.asp, (b) Forms/MAI/list.asp, and (c) Forms/VCF/list.asp in mewebmail/base/default/lang/EN/.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:26:54.317Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "2258",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2258"
},
{
"name": "23998",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23998"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/Professional20-ReleaseNotes.txt"
},
{
"name": "33189",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33189"
},
{
"name": "33190",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33190"
},
{
"name": "mailenable-id-xss(32480)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32480"
},
{
"name": "20070214 Secunia Research: MailEnable Web Mail Client MultipleVulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/460063/100/0/threaded"
},
{
"name": "33188",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33188"
},
{
"name": "ADV-2007-0595",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0595"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2007-38/advisory/"
},
{
"name": "mailenable-email-messages-xss(32476)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32476"
},
{
"name": "22554",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22554"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Professional before 2.37 allow remote attackers to inject arbitrary Javascript script via (1) e-mail messages and (2) the ID parameter to (a) right.asp, (b) Forms/MAI/list.asp, and (c) Forms/VCF/list.asp in mewebmail/base/default/lang/EN/."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "2258",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2258"
},
{
"name": "23998",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23998"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/Professional20-ReleaseNotes.txt"
},
{
"name": "33189",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33189"
},
{
"name": "33190",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33190"
},
{
"name": "mailenable-id-xss(32480)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32480"
},
{
"name": "20070214 Secunia Research: MailEnable Web Mail Client MultipleVulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/460063/100/0/threaded"
},
{
"name": "33188",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33188"
},
{
"name": "ADV-2007-0595",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0595"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2007-38/advisory/"
},
{
"name": "mailenable-email-messages-xss(32476)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32476"
},
{
"name": "22554",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22554"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2007-0651",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Professional before 2.37 allow remote attackers to inject arbitrary Javascript script via (1) e-mail messages and (2) the ID parameter to (a) right.asp, (b) Forms/MAI/list.asp, and (c) Forms/VCF/list.asp in mewebmail/base/default/lang/EN/."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2258",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2258"
},
{
"name": "23998",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23998"
},
{
"name": "http://www.mailenable.com/Professional20-ReleaseNotes.txt",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/Professional20-ReleaseNotes.txt"
},
{
"name": "33189",
"refsource": "OSVDB",
"url": "http://osvdb.org/33189"
},
{
"name": "33190",
"refsource": "OSVDB",
"url": "http://osvdb.org/33190"
},
{
"name": "mailenable-id-xss(32480)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32480"
},
{
"name": "20070214 Secunia Research: MailEnable Web Mail Client MultipleVulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/460063/100/0/threaded"
},
{
"name": "33188",
"refsource": "OSVDB",
"url": "http://osvdb.org/33188"
},
{
"name": "ADV-2007-0595",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0595"
},
{
"name": "http://secunia.com/secunia_research/2007-38/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2007-38/advisory/"
},
{
"name": "mailenable-email-messages-xss(32476)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32476"
},
{
"name": "22554",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22554"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2007-0651",
"datePublished": "2007-02-15T23:00:00",
"dateReserved": "2007-02-01T00:00:00",
"dateUpdated": "2024-08-07T12:26:54.317Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6964 (GCVE-0-2006-6964)
Vulnerability from nvd – Published: 2007-01-29 16:00 – Updated: 2024-08-07 20:50
VLAI?
Summary
MailEnable Professional before 1.78 provides a cleartext user password when an administrator edits the user's settings, which allows remote authenticated administrators to obtain sensitive information by viewing the HTML source.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:50:04.616Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/Professional1-ReleaseNotes.txt"
},
{
"name": "1016337",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016337"
},
{
"name": "mailenable-listattachments-pass-disclosure(27185)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27185"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "MailEnable Professional before 1.78 provides a cleartext user password when an administrator edits the user\u0027s settings, which allows remote authenticated administrators to obtain sensitive information by viewing the HTML source."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/Professional1-ReleaseNotes.txt"
},
{
"name": "1016337",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016337"
},
{
"name": "mailenable-listattachments-pass-disclosure(27185)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27185"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6964",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "MailEnable Professional before 1.78 provides a cleartext user password when an administrator edits the user\u0027s settings, which allows remote authenticated administrators to obtain sensitive information by viewing the HTML source."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.mailenable.com/Professional1-ReleaseNotes.txt",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/Professional1-ReleaseNotes.txt"
},
{
"name": "1016337",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016337"
},
{
"name": "mailenable-listattachments-pass-disclosure(27185)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27185"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6964",
"datePublished": "2007-01-29T16:00:00",
"dateReserved": "2007-01-29T00:00:00",
"dateUpdated": "2024-08-07T20:50:04.616Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6605 (GCVE-0-2006-6605)
Vulnerability from nvd – Published: 2006-12-19 19:00 – Updated: 2024-08-07 20:33
VLAI?
Summary
Stack-based buffer overflow in the POP service in MailEnable Standard 1.98 and earlier; Professional 1.84, and 2.35 and earlier; and Enterprise 1.41, and 2.35 and earlier before ME-10026 allows remote attackers to execute arbitrary code via a long argument to the PASS command.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:33:59.771Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017395",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017395"
},
{
"name": "23127",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23127"
},
{
"name": "2053",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2053"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "21645",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21645"
},
{
"name": "20061218 Secunia Research: MailEnable POP Service \"PASS\" Command BufferOverflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/454713/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2006-75/advisory/"
},
{
"name": "ADV-2006-5052",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/5052"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the POP service in MailEnable Standard 1.98 and earlier; Professional 1.84, and 2.35 and earlier; and Enterprise 1.41, and 2.35 and earlier before ME-10026 allows remote attackers to execute arbitrary code via a long argument to the PASS command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "1017395",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017395"
},
{
"name": "23127",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23127"
},
{
"name": "2053",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2053"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "21645",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21645"
},
{
"name": "20061218 Secunia Research: MailEnable POP Service \"PASS\" Command BufferOverflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/454713/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2006-75/advisory/"
},
{
"name": "ADV-2006-5052",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/5052"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2006-6605",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the POP service in MailEnable Standard 1.98 and earlier; Professional 1.84, and 2.35 and earlier; and Enterprise 1.41, and 2.35 and earlier before ME-10026 allows remote attackers to execute arbitrary code via a long argument to the PASS command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017395",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017395"
},
{
"name": "23127",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23127"
},
{
"name": "2053",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2053"
},
{
"name": "http://www.mailenable.com/hotfix/",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "21645",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21645"
},
{
"name": "20061218 Secunia Research: MailEnable POP Service \"PASS\" Command BufferOverflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/454713/100/0/threaded"
},
{
"name": "http://secunia.com/secunia_research/2006-75/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2006-75/advisory/"
},
{
"name": "ADV-2006-5052",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/5052"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2006-6605",
"datePublished": "2006-12-19T19:00:00",
"dateReserved": "2006-12-17T00:00:00",
"dateUpdated": "2024-08-07T20:33:59.771Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6484 (GCVE-0-2006-6484)
Vulnerability from nvd – Published: 2006-12-12 20:00 – Updated: 2024-08-07 20:26
VLAI?
Summary
The IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.34, Professional Edition 1.6 through 1.83, and Enterprise Edition 1.1 through 1.40 allows remote attackers to cause a denial of service (crash) via unspecified vectors that trigger a null pointer dereference, as addressed by the ME-10023 hotfix, and a different issue than CVE-2006-6423. NOTE: some details were obtained from third party information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:26:46.583Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "21493",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21493"
},
{
"name": "mailenable-null-imap-dos(30797)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30797"
},
{
"name": "23267",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23267"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/hotfix/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.34, Professional Edition 1.6 through 1.83, and Enterprise Edition 1.1 through 1.40 allows remote attackers to cause a denial of service (crash) via unspecified vectors that trigger a null pointer dereference, as addressed by the ME-10023 hotfix, and a different issue than CVE-2006-6423. NOTE: some details were obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "21493",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21493"
},
{
"name": "mailenable-null-imap-dos(30797)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30797"
},
{
"name": "23267",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23267"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/hotfix/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6484",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.34, Professional Edition 1.6 through 1.83, and Enterprise Edition 1.1 through 1.40 allows remote attackers to cause a denial of service (crash) via unspecified vectors that trigger a null pointer dereference, as addressed by the ME-10023 hotfix, and a different issue than CVE-2006-6423. NOTE: some details were obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "21493",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21493"
},
{
"name": "mailenable-null-imap-dos(30797)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30797"
},
{
"name": "23267",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23267"
},
{
"name": "http://www.mailenable.com/hotfix/",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/hotfix/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6484",
"datePublished": "2006-12-12T20:00:00",
"dateReserved": "2006-12-12T00:00:00",
"dateUpdated": "2024-08-07T20:26:46.583Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6423 (GCVE-0-2006-6423)
Vulnerability from nvd – Published: 2006-12-12 02:00 – Updated: 2024-08-07 20:26
VLAI?
Summary
Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.35, Professional Edition 1.6 through 1.84, and Enterprise Edition 1.1 through 1.41 allows remote attackers to execute arbitrary code via a pre-authentication command followed by a crafted parameter and a long string, as addressed by the ME-10025 hotfix.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:26:46.508Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2006-73/advisory/"
},
{
"name": "2022",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2022"
},
{
"name": "21492",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21492"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "mailenable-bounds-imap-bo(30796)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30796"
},
{
"name": "23201",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23201"
},
{
"name": "20061211 Secunia Research: MailEnable IMAP Service Buffer OverflowVulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/454075/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.35, Professional Edition 1.6 through 1.84, and Enterprise Edition 1.1 through 1.41 allows remote attackers to execute arbitrary code via a pre-authentication command followed by a crafted parameter and a long string, as addressed by the ME-10025 hotfix."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2006-73/advisory/"
},
{
"name": "2022",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2022"
},
{
"name": "21492",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21492"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "mailenable-bounds-imap-bo(30796)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30796"
},
{
"name": "23201",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23201"
},
{
"name": "20061211 Secunia Research: MailEnable IMAP Service Buffer OverflowVulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/454075/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2006-6423",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.35, Professional Edition 1.6 through 1.84, and Enterprise Edition 1.1 through 1.41 allows remote attackers to execute arbitrary code via a pre-authentication command followed by a crafted parameter and a long string, as addressed by the ME-10025 hotfix."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://secunia.com/secunia_research/2006-73/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2006-73/advisory/"
},
{
"name": "2022",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2022"
},
{
"name": "21492",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21492"
},
{
"name": "http://www.mailenable.com/hotfix/",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "mailenable-bounds-imap-bo(30796)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30796"
},
{
"name": "23201",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23201"
},
{
"name": "20061211 Secunia Research: MailEnable IMAP Service Buffer OverflowVulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/454075/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2006-6423",
"datePublished": "2006-12-12T02:00:00",
"dateReserved": "2006-12-09T00:00:00",
"dateUpdated": "2024-08-07T20:26:46.508Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}