Vulnerabilities > Incredimail > Incredimail

DATE CVE VULNERABILITY TITLE RISK
2013-08-25 CVE-2010-5289 Buffer Errors vulnerability in Incredimail 2.0
Buffer overflow in the Authenticate method in the INCREDISPOOLERLib.Pop ActiveX control in ImSpoolU.dll in IncrediMail 2.0 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long string in the first argument.
network
low complexity
incredimail CWE-119
7.5
2008-12-11 CVE-2008-5429 Resource Management Errors vulnerability in Incredimail 5.85
Incredimail build 5853710 does not properly handle (1) multipart/mixed e-mail messages with many MIME parts and possibly (2) e-mail messages with many "Content-type: message/rfc822;" headers, which allows remote attackers to cause a denial of service (stack consumption or other resource consumption) via a large e-mail message, a related issue to CVE-2006-1173.
4.3
2002-08-12 CVE-2002-0455 Unspecified vulnerability in Incredimail Build1400185/Build560/Build618
IncrediMail stores attachments in a directory with a fixed name, which could make it easier for attackers to exploit vulnerabilities in other software that rely on installing and reading files from directories with known pathnames.
network
low complexity
incredimail
5.0
2001-09-20 CVE-2001-0642 Directory Traversal vulnerability in Incredimail 2.0
Directory traversal vulnerability in IncrediMail version 1400185 and earlier allows local users to overwrite files on the local hard drive by appending ..
local
low complexity
incredimail
2.1