6.8
CVE-2006-6291
- EPSS 3%
- Veröffentlicht 05.12.2006 11:28:00
- Zuletzt bearbeitet 16.06.2026 22:32:51
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginStack overflow in the IMAP module (MEIMAPS.EXE) in MailEnable Professional 1.6 through 1.83 and 2.0 through 2.33, and MailEnable Enterprise 1.1 through 1.40 and 2.0 through 2.33, allows remote authenticated users to cause a denial of service (crash) via a long argument containing * (asterisk) and ? (question mark) characters to the DELETE command, as addressed by the ME-10020 hotfix.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Mailenable ≫ Mailenable SwEditionenterprise Version >= 1.1 <= 1.40
Mailenable ≫ Mailenable SwEditionprofessional Version >= 1.6 <= 1.83
Mailenable ≫ Mailenable SwEditionenterprise Version >= 2.0 <= 2.33
Mailenable ≫ Mailenable SwEditionprofessional Version >= 2.0 <= 2.33
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3% | 0.856 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8 | 6.9 |
AV:N/AC:L/Au:S/C:N/I:N/A:C
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
http://www.mailenable.com/hotfix/
http://secunia.com/advisories/23080
http://secunia.com/secunia_research/2006-71/advisory/
http://securitytracker.com/id?1017276
http://securitytracker.com/id?1017319
http://www.securityfocus.com/archive/1/453118/100/100/threaded
http://www.securityfocus.com/bid/21362
http://www.vupen.com/english/advisories/2006/4778
https://exchange.xforce.ibmcloud.com/vulnerabilities/30614