CVE-2007-1301

Sažetak

Stack-based buffer overflow in the IMAP service in MailEnable Enterprise and Professional Editions 2.37 and earlier allows remote authenticated users to execute arbitrary code via a long argument to the APPEND command. NOTE: this is probably different than CVE-2006-6423.

Reference

http://secunia.com/advisories/24361
http://www.mailenable.com/hotfix/
http://www.securityfocus.com/bid/22792
http://www.securitytracker.com/id?1017739
http://www.vupen.com/english/advisories/2007/0811
https://exchange.xforce.ibmcloud.com/vulnerabilities/32801
https://www.exploit-db.com/exploits/3397

CVSS

Base:	9.0
Impact:	10.0
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Zadnje važnije ažuriranje

11-10-2017 - 01:31

Objavljeno

07-03-2007 - 00:19