Mailenable : Security Vulnerabilities, CVEs, Published In 2005
MailEnable Enterprise 1.1 before patch ME-10009 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via several "..." (triple dot) sequences in a UID FETCH command.
Max CVSS
7.5
EPSS Score
0.90%
Published
2005-12-21
Updated
2008-09-05
Multiple buffer overflows in MailEnable Professional 1.71 and Enterprise 1.1 before patch ME-10009 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long (1) LIST, (2) LSUB, and (3) UID FETCH commands. NOTE: it is possible that these are alternate vectors for the issue described in CVE-2005-4402.
Max CVSS
7.8
EPSS Score
1.32%
Published
2005-12-21
Updated
2008-09-05
Buffer overflow in MailEnable Professional 1.71 and earlier, and Enterprise 1.1 and earlier, allows remote authenticated users to execute arbitrary code via a long IMAP EXAMINE command.
Max CVSS
6.5
EPSS Score
1.39%
Published
2005-12-20
Updated
2016-10-18
Multiple unspecified vulnerabilities in MailEnable Professional 1.6 and earlier and Enterprise 1.1 and earlier allow attackers to cause a denial of service (crash) via invalid IMAP commands.
Max CVSS
7.8
EPSS Score
0.54%
Published
2005-12-05
Updated
2011-03-08
IMAP service (meimaps.exe) of MailEnable Professional 1.7 and Enterprise 1.1 allows remote authenticated attackers to cause a denial of service (application crash) by using RENAME with a non-existent mailbox, a different vulnerability than CVE-2005-3690.
Max CVSS
4.0
EPSS Score
1.86%
Published
2005-11-26
Updated
2018-10-19
Stack-based buffer overflow in the IMAP service (meimaps.exe) of MailEnable Professional 1.6 and earlier and Enterprise 1.1 and earlier allows remote attackers to execute arbitrary code via a long mailbox name in the (1) select, (2) create, (3) delete, (4) rename, (5) subscribe, or (6) unsubscribe commands.
Max CVSS
7.5
EPSS Score
9.43%
Published
2005-11-19
Updated
2017-07-11
CVE-2005-3155
Public exploit
Buffer overflow in the W3C logging for MailEnable Enterprise 1.1 and Professional 1.6 allows remote attackers to execute arbitrary code.
Max CVSS
7.5
EPSS Score
77.90%
Published
2005-10-05
Updated
2008-09-05
CVE-2005-2278
Public exploit
Stack-based buffer overflow in the IMAP daemon (imapd) in MailEnable Professional 1.54 allows remote authenticated users to execute arbitrary code via the status command with a long mailbox name.
Max CVSS
7.2
EPSS Score
93.98%
Published
2005-07-18
Updated
2016-10-18
Unknown vulnerability in the SMTP service in MailEnable Standard before 1.9 and Professional before 1.6 allows remote attackers to cause a denial of service (crash) during authentication.
Max CVSS
5.0
EPSS Score
0.76%
Published
2005-07-12
Updated
2008-09-05
Unknown vulnerability in the HTTPMail service in MailEnable Professional before 1.6 has unknown impact and attack vectors.
Max CVSS
10.0
EPSS Score
0.27%
Published
2005-07-12
Updated
2008-09-05
Unknown vulnerability in SMTP authentication for MailEnable allows remote attackers to cause a denial of service (crash).
Max CVSS
5.0
EPSS Score
0.33%
Published
2005-05-31
Updated
2008-09-05
CVE-2005-1348
Public exploit
Buffer overflow in HTTPMail in MailEnable Enterprise 1.04 and earlier and Professional 1.54 and earlier allows remote attackers to execute arbitrary code via a long HTTP Authorization header.
Max CVSS
7.5
EPSS Score
89.91%
Published
2005-05-02
Updated
2016-10-18
Buffer overflow in MailEnable Imapd (MEIMAP.exe) allows remote attackers to execute arbitrary code via a long LOGIN command.
Max CVSS
10.0
EPSS Score
0.34%
Published
2005-05-02
Updated
2008-09-05
Buffer overflow in the IMAP service for MailEnable Enterprise 1.04 and earlier and Professional 1.54 allows remote attackers to execute arbitrary code via a long AUTHENTICATE command.
Max CVSS
7.5
EPSS Score
6.49%
Published
2005-05-02
Updated
2017-07-11
The SMTP service in MailEnable Enterprise 1.04 and earlier and Professional 1.54 and earlier allows remote attackers to cause a denial of service (server crash) via an EHLO command with a Unicode string.
Max CVSS
5.0
EPSS Score
4.94%
Published
2005-05-02
Updated
2017-07-11
Format string vulnerability in MailEnable 1.8 allows remote attackers to cause a denial of service (application crash) via format string specifiers in the mailto field.
Max CVSS
5.0
EPSS Score
2.88%
Published
2005-05-02
Updated
2016-10-18
16 vulnerabilities found