Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4456

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2005-4456
Last Modified 05 Sep 2008 04:56:56
Published 21 Dec 2005 06:03:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-4456

Summary

Multiple buffer overflows in MailEnable Professional 1.71 and Enterprise 1.1 before patch ME-10009 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long (1) LIST, (2) LSUB, and (3) UID FETCH commands. NOTE: it is possible that these are alternate vectors for the issue described in CVE-2005-4402.

Vulnerable Systems

Application

  • Mailenable Enterprise 1.1

  • Mailenable Professional 1.71


References

FULLDISC - 20051220 [ACSSEC-2005-11-27-0x2] Remote Overflows in Mailenable Enterprise 1.1 / Professional 1.7

BID - 15985

SECUNIA - 18134


Last Updated: 27 May 2016 10:41:18