Vulnerabilities > Mailenable > Mailenable Professional > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-03-10 | CVE-2008-1276 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mailenable Enterprise and Mailenable Professional Multiple buffer overflows in the IMAP service (MEIMAPS.EXE) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allow remote authenticated attackers to execute arbitrary code via long arguments to the (1) FETCH, (2) EXAMINE, and (3) UNSUBSCRIBE commands. | 9.0 |
| 2008-03-10 | CVE-2008-1277 | Improper Input Validation vulnerability in Mailenable Enterprise and Mailenable Professional The IMAP service (MEIMAPS.exe) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allows remote attackers to cause a denial of service (crash) via (1) SEARCH and (2) APPEND commands without required arguments, which triggers a NULL pointer dereference. | 9.0 |
| 2007-03-07 | CVE-2007-1301 | Remote Buffer Overflow vulnerability in MailEnable Append Stack-based buffer overflow in the IMAP service in MailEnable Enterprise and Professional Editions 2.37 and earlier allows remote authenticated users to execute arbitrary code via a long argument to the APPEND command. | 9.0 |
| 2006-12-19 | CVE-2006-6605 | Remote Buffer Overflow vulnerability in Mailenable products Stack-based buffer overflow in the POP service in MailEnable Standard 1.98 and earlier; Professional 1.84, and 2.35 and earlier; and Enterprise 1.41, and 2.35 and earlier before ME-10026 allows remote attackers to execute arbitrary code via a long argument to the PASS command. | 10.0 |
| 2006-12-12 | CVE-2006-6423 | Remote Buffer Overflow vulnerability in MailEnable IMAP Service Login Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.35, Professional Edition 1.6 through 1.84, and Enterprise Edition 1.1 through 1.41 allows remote attackers to execute arbitrary code via a pre-authentication command followed by a crafted parameter and a long string, as addressed by the ME-10025 hotfix. | 10.0 |
| 2006-10-10 | CVE-2006-5176 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mailenable Enterprise and Mailenable Professional Buffer overflow in NTLM authentication in MailEnable Professional 2.0 and Enterprise 2.0 allows remote attackers to execute arbitrary code via "the signature field of NTLM Type 1 messages". | 9.3 |
| 2006-10-10 | CVE-2006-5177 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mailenable Enterprise and Mailenable Professional The NTLM authentication in MailEnable Professional 2.0 and Enterprise 2.0 allows remote attackers to (1) execute arbitrary code via unspecified vectors involving crafted base64 encoded NTLM Type 3 messages, or (2) cause a denial of service via crafted base64 encoded NTLM Type 1 messages, which trigger a buffer over-read. | 9.3 |
| 2006-04-15 | CVE-2006-1792 | Remote Security vulnerability in Mailenable products Unspecified vulnerability in the POP service in MailEnable Standard Edition before 1.94, Professional Edition before 1.74, and Enterprise Edition before 1.22 has unknown attack vectors and impact related to "authentication exploits". | 10.0 |
| 2005-07-12 | CVE-2005-2222 | Remote Security vulnerability in MailEnable Professional Unknown vulnerability in the HTTPMail service in MailEnable Professional before 1.6 has unknown impact and attack vectors. | 10.0 |