CVE-2006-6291

Sažetak

Stack overflow in the IMAP module (MEIMAPS.EXE) in MailEnable Professional 1.6 through 1.83 and 2.0 through 2.33, and MailEnable Enterprise 1.1 through 1.40 and 2.0 through 2.33, allows remote authenticated users to cause a denial of service (crash) via a long argument containing * (asterisk) and ? (question mark) characters to the DELETE command, as addressed by the ME-10020 hotfix.

Reference

http://secunia.com/advisories/23080
http://secunia.com/secunia_research/2006-71/advisory/
http://securitytracker.com/id?1017276
http://securitytracker.com/id?1017319
http://www.mailenable.com/hotfix/
http://www.securityfocus.com/archive/1/453118/100/100/threaded
http://www.securityfocus.com/bid/21362
http://www.vupen.com/english/advisories/2006/4778
https://exchange.xforce.ibmcloud.com/vulnerabilities/30614

CVSS

Base:	6.8
Impact:	6.9
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:S/C:N/I:N/A:C

Zadnje važnije ažuriranje

03-10-2019 - 17:22

Objavljeno

05-12-2006 - 11:28