MailEnable Multiple Remote Vulnerabilities

vendor:

MailEnable

by:

SecurityFocus

7.5

CVSS

HIGH

Buffer Overflow and Denial of Service

119, 400

CWE

Product Name: MailEnable

Affected Version From: 3.13

Affected Version To: 3.13

Patch Exists: Yes

Related CWE: N/A

CPE: a:mailenable:mailenable

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2008

MailEnable Multiple Remote Vulnerabilities

MailEnable is prone to multiple remote vulnerabilities in the IMAP service, including multiple buffer-overflow vulnerabilities and multiple denial-of-service vulnerabilities due to a NULL-pointer exception. An attacker may leverage these issues to execute arbitrary code in the context of the running application or to crash the application, causing a denial of service.

Mitigation:

Upgrade to the latest version of MailEnable.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/28145/info

MailEnable is prone to multiple remote vulnerabilities in the IMAP service, including:

- Multiple buffer-overflow vulnerabilities.
- Multiple denial-of-service vulnerabilities due to a NULL-pointer exception.

An attacker may leverage these issues to execute arbitrary code in the context of the running application or to crash the application, causing a denial of service.

These issues affect MailEnable 3.13; other versions may also be vulnerable. 

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/31360-1.zip
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/31360-2.pl