Mati Aharoni

Pesquisador deOffensive Security
#11458de 53,635
24CVSS total
Vulnerabilidades · 4
Média
3
Alta
1
PT-2008-3386
5.0
2008-04-16
Mcafee · Mcafee Common Management Agent · CVE-2008-1855
**Name of the Vulnerable Software and Affected Versions** McAfee Common Management Agent (CMA) versions 3.6.0.574 Patch 3 and earlier **Description** The issue allows remote attackers to corrupt memory and cause a denial of service, resulting in the CMA Framework service crash. This can be achieved by sending requests for the "/spin//AVClient//AVClient.csp" URI with a long invalid method. **Recommendations** For McAfee Common Management Agent (CMA) versions 3.6.0.574 Patch 3 and earlier, consider restricting access to the "/spin//AVClient//AVClient.csp" URI to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2005-5088
6.5
2005-12-20
Mailenable · Mailenable Professional · CVE-2005-4402
**Name of the Vulnerable Software and Affected Versions** MailEnable Professional versions 1.71 and earlier MailEnable Enterprise versions 1.1 and earlier **Description** The issue allows remote authenticated users to execute arbitrary code via a long IMAP EXAMINE command, which is a buffer overflow. **Recommendations** For MailEnable Professional versions 1.71 and earlier, update to a version later than 1.71 to resolve the issue. For MailEnable Enterprise versions 1.1 and earlier, update to a version later than 1.1 to resolve the issue.
PT-2005-1833
5.0
2005-03-20
Mailenable · Mailenable · CVE-2005-0804
**Name of the Vulnerable Software and Affected Versions** MailEnable version 1.8 **Description** The issue allows remote attackers to cause a denial of service, resulting in an application crash. This is achieved by using format string specifiers in the `mailto` field. **Recommendations** For MailEnable version 1.8, consider restricting access to the mailto field to minimize the risk of exploitation until a patch is available.
PT-2005-1416
7.5
2005-02-10
Savant · Savant Web Server · CVE-2005-0338
**Name of the Vulnerable Software and Affected Versions** Savant Web Server version 3.1 **Description** The issue allows remote attackers to execute arbitrary code via a long HTTP request, due to a buffer overflow. **Recommendations** For Savant Web Server version 3.1, update to a version that fixes the buffer overflow issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.