vendor:
Mail Enable Professional
by:
mu-b
7.5
CVSS
HIGH
Remote Code Execution
94
CWE
Product Name: Mail Enable Professional
Affected Version From: Mail Enable Professional v2.35 (win32)
Affected Version To: Mail Enable Professional v2.35 (win32)
Patch Exists: NO
Related CWE: CVE-2006-6500
CPE: a:mailenable:mail_enable_professional:2.35
Metasploit:
https://www.rapid7.com/db/vulnerabilities/mfsa2006-69-cve-2006-6500/, https://www.rapid7.com/db/vulnerabilities/mozilla-seamonkey-cve-2006-6500/, https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2006-6500/, https://www.rapid7.com/db/vulnerabilities/mozilla-thunderbird-cve-2006-6500/, https://www.rapid7.com/db/vulnerabilities/suse-cve-2006-6500/
Platforms Tested: Windows
2006
Mail Enable Professional <=v2.35 Remote Exploit
This exploit targets a vulnerability in Mail Enable Professional version 2.35 for Windows. It allows an attacker to execute remote code on the vulnerable system.
Mitigation:
Upgrade Mail Enable Professional to a version that is not vulnerable.