Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1276

Overview

Vulnerability Score 9.0 9.0
CVE Id CVE-2008-1276
Last Modified 07 Mar 2011 10:06:26
Published 10 Mar 2008 07:44:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2008-1276

Summary

Multiple buffer overflows in the IMAP service (MEIMAPS.EXE) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allow remote authenticated attackers to execute arbitrary code via long arguments to the (1) FETCH, (2) EXAMINE, and (3) UNSUBSCRIBE commands.

Vulnerable Systems

Application

  • Mailenable Enterprise 3.13

  • Mailenable Professional 3.13


References

XF - mailenable-imapservice-bo(41058)

VUPEN - ADV-2008-0799

SECTRACK - 1019565

BID - 28145

BUGTRAQ - 20080307 Multiple vulnerabilities in MailEnable Professional/Enterprise 3.13

MILW0RM - 5249

SREASON - 3724

SECUNIA - 29277

MISC - http://aluigi.altervista.org/adv/maildisable-adv.txt


Last Updated: 27 May 2016 10:47:06