Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2006-6423

Опубликовано: 12 дек. 2006
Источник: nvd
CVSS2: 10
EPSS Средний

Описание

Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.35, Professional Edition 1.6 through 1.84, and Enterprise Edition 1.1 through 1.41 allows remote attackers to execute arbitrary code via a pre-authentication command followed by a crafted parameter and a long string, as addressed by the ME-10025 hotfix.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:mailenable:mailenable_enterprise:1.1:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.2:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.11:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.12:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.13:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.14:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.15:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.16:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.17:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.18:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.19:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.21:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.22:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.23:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.24:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.25:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.26:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.27:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.28:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.29:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.30:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.31:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.32:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.33:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.34:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.35:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.36:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.37:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.38:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.39:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.40:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.41:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:2.35:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.84:*:*:*:*:*:*:*

EPSS

Процентиль: 98%
0.45762
Средний

10 Critical

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

github логотип

GHSA-ff9v-9xjv-cj27

github
почти 4 года назад

Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.35, Professional Edition 1.6 through 1.84, and Enterprise Edition 1.1 through 1.41 allows remote attackers to execute arbitrary code via a pre-authentication command followed by a crafted parameter and a long string, as addressed by the ME-10025 hotfix.

EPSS

Процентиль: 98%
0.45762
Средний

10 Critical

CVSS2

Дефекты

NVD-CWE-Other