CVE-2006-6290

Sažetak

Multiple stack-based buffer overflows in the IMAP module (MEIMAPS.EXE) in MailEnable Professional 1.6 through 1.82 and 2.0 through 2.33, and MailEnable Enterprise 1.1 through 1.30 and 2.0 through 2.33 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a long argument to the (1) EXAMINE or (2) SELECT command.

Reference

http://secunia.com/advisories/23047
http://secunia.com/advisories/23080
http://secunia.com/secunia_research/2006-71/advisory/
http://securitytracker.com/id?1017276
http://securitytracker.com/id?1017319
http://www.mailenable.com/hotfix/
http://www.securityfocus.com/archive/1/453118/100/100/threaded
http://www.securityfocus.com/bid/21362
http://www.vupen.com/english/advisories/2006/4673
http://www.vupen.com/english/advisories/2006/4778
https://exchange.xforce.ibmcloud.com/vulnerabilities/30614

CVSS

Base:	6.5
Impact:	6.4
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:S/C:P/I:P/A:P

Zadnje važnije ažuriranje

17-10-2018 - 21:47

Objavljeno

05-12-2006 - 11:28