PT-2004-3616 · Mailenable · Mailenable Professional

Oliver Karow · Published 2004-12-31 · Updated 2008-09-05 · CVE-2004-2726

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions

MailEnable Professional version 1.18

Description

The HTTPMail service in MailEnable Professional does not properly handle arguments to the Authorization header. This allows remote attackers to cause a denial of service through a null dereference that crashes the application.

Recommendations

For MailEnable Professional version 1.18, consider restricting access to the Authorization header until a patch is available. As a temporary workaround, disabling the HTTPMail service may help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related identifiers

CVE-2004-2726

Affected products

Mailenable Professional