5

CVE-2010-2580

The SMTP service (MESMTPC.exe) in MailEnable 3.x and 4.25 does not properly perform a length check, which allows remote attackers to cause a denial of service (crash) via a long (1) email address in the MAIL FROM command, or (2) domain name in the RCPT TO command, which triggers an "unhandled invalid parameter error."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MailenableMailenable Update- Editionpro Version <= 4.25
MailenableMailenable Version4.0 Update- Editionpro
MailenableMailenable Version4.1 Update- Editionpro
MailenableMailenable Version4.01 Update- Editionpro
MailenableMailenable Version4.11 Update- Editionpro
MailenableMailenable Version4.12 Update- Editionpro
MailenableMailenable Version4.13 Update- Editionpro
MailenableMailenable Version4.14 Update- Editionpro
MailenableMailenable Version4.15 Update- Editionpro
MailenableMailenable Version4.16 Update- Editionpro
MailenableMailenable Version4.17 Update- Editionpro
MailenableMailenable Version4.22 Update- Editionpro
MailenableMailenable Version4.23 Update- Editionpro
MailenableMailenable Version4.24 Update- Editionpro
MailenableMailenable Update- Editionstd Version <= 4.25
MailenableMailenable Version4.0 Update- Editionstd
MailenableMailenable Version4.01 Update- Editionstd
MailenableMailenable Version4.1 Update- Editionstd
MailenableMailenable Version4.13 Update- Editionstd
MailenableMailenable Version4.14 Update- Editionstd
MailenableMailenable Version4.16 Update- Editionstd
MailenableMailenable Version4.17 Update- Editionstd
MailenableMailenable Version4.22 Update- Editionstd
MailenableMailenable Version4.23 Update- Editionstd
MailenableMailenable Version4.24 Update- Editionstd
MailenableMailenable Update- Editionenterprise Version <= 4.25
MailenableMailenable Version4.0 Update- Editionenterprise
MailenableMailenable Version4.01 Update- Editionenterprise
MailenableMailenable Version4.1 Update- Editionenterprise
MailenableMailenable Version4.11 Update- Editionenterprise
MailenableMailenable Version4.12 Update- Editionenterprise
MailenableMailenable Version4.13 Update- Editionenterprise
MailenableMailenable Version4.14 Update- Editionenterprise
MailenableMailenable Version4.15 Update- Editionenterprise
MailenableMailenable Version4.16 Update- Editionenterprise
MailenableMailenable Version4.17 Update- Editionenterprise
MailenableMailenable Version4.22 Update- Editionenterprise
MailenableMailenable Version4.23 Update- Editionenterprise
MailenableMailenable Version4.24 Update- Editionenterprise
MailenableMailenable Version3.61 Update- Editionstd
MailenableMailenable Version3.62 Update- Editionstd
MailenableMailenable Version3.63 Update- Editionstd
MailenableMailenable Version3.0 Update- Editionpro
MailenableMailenable Version3.01 Update- Editionpro
MailenableMailenable Version3.02 Update- Editionpro
MailenableMailenable Version3.03 Update- Editionpro
MailenableMailenable Version3.04 Update- Editionpro
MailenableMailenable Version3.5 Update- Editionpro
MailenableMailenable Version3.6 Update- Editionpro
MailenableMailenable Version3.10 Update- Editionpro
MailenableMailenable Version3.11 Update- Editionpro
MailenableMailenable Version3.12 Update- Editionpro
MailenableMailenable Version3.13 Update- Editionpro
MailenableMailenable Version3.14 Update- Editionpro
MailenableMailenable Version3.51 Update- Editionpro
MailenableMailenable Version3.52 Update- Editionpro
MailenableMailenable Version3.53 Update- Editionpro
MailenableMailenable Version3.61 Update- Editionpro
MailenableMailenable Version3.62 Update- Editionpro
MailenableMailenable Version3.63 Update- Editionpro
MailenableMailenable Version3.0 Update- Editionenterprise
MailenableMailenable Version3.01 Update- Editionenterprise
MailenableMailenable Version3.02 Update- Editionenterprise
MailenableMailenable Version3.03 Update- Editionenterprise
MailenableMailenable Version3.04 Update- Editionenterprise
MailenableMailenable Version3.5 Update- Editionenterprise
MailenableMailenable Version3.6 Update- Editionenterprise
MailenableMailenable Version3.10 Update- Editionenterprise
MailenableMailenable Version3.11 Update- Editionenterprise
MailenableMailenable Version3.12 Update- Editionenterprise
MailenableMailenable Version3.13 Update- Editionenterprise
MailenableMailenable Version3.14 Update- Editionenterprise
MailenableMailenable Version3.51 Update- Editionenterprise
MailenableMailenable Version3.52 Update- Editionenterprise
MailenableMailenable Version3.53 Update- Editionenterprise
MailenableMailenable Version3.61 Update- Editionenterprise
MailenableMailenable Version3.62 Update- Editionenterprise
MailenableMailenable Version3.63 Update- Editionenterprise
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.18% 0.828
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.mailenable.com/hotfix/
Patch
Vendor Advisory