Описание
Stack-based buffer overflow in the POP service in MailEnable Standard 1.98 and earlier; Professional 1.84, and 2.35 and earlier; and Enterprise 1.41, and 2.35 and earlier before ME-10026 allows remote attackers to execute arbitrary code via a long argument to the PASS command.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
- Patch
- PatchVendor Advisory
- PatchVendor Advisory
- Patch
Уязвимые конфигурации
Конфигурация 1Версия до 2.35 (включая)Версия до 2.35 (включая)Версия до 1.98 (включая)
Одно из
cpe:2.3:a:mailenable:mailenable_enterprise:*:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.41:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:*:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.84:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_standard:*:*:*:*:*:*:*:*
EPSS
Процентиль: 98%
0.51974
Средний
10 Critical
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Stack-based buffer overflow in the POP service in MailEnable Standard 1.98 and earlier; Professional 1.84, and 2.35 and earlier; and Enterprise 1.41, and 2.35 and earlier before ME-10026 allows remote attackers to execute arbitrary code via a long argument to the PASS command.
EPSS
Процентиль: 98%
0.51974
Средний
10 Critical
CVSS2
Дефекты
NVD-CWE-Other