PT-2005-4446 · Mailenable · Mailenable Professional+1

Published: 2005-11-19 · Updated: 2017-07-11 · CVE-2005-3690

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions

MailEnable Professional versions 1.6 and earlier
MailEnable Enterprise versions 1.1 and earlier

Description

A stack-based buffer overflow in the IMAP service of MailEnable allows remote attackers to execute arbitrary code. It is triggered by a long mailbox name in various IMAP commands, including select, create, delete, rename, subscribe, or unsubscribe.

Recommendations

Update MailEnable Professional versions 1.6 and earlier to a version later than 1.6, and MailEnable Enterprise versions 1.1 and earlier to a version later than 1.1. As a temporary workaround, consider restricting access to the IMAP service or limiting the length of mailbox names to minimize the risk of exploitation.
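The length-limiting workaround in the recommendations can be enforced at an IMAP proxy or checked during log review. The following is an added example, not code from MailEnable or from this advisory: it parses client command lines and reports mailbox arguments over a limit. The 255-byte limit, the function names and the sample lines are assumptions constructed for illustration.

```python
import re

# Commands the advisory names as accepting the over-long mailbox name.
MAILBOX_COMMANDS = {"SELECT", "CREATE", "DELETE", "RENAME", "SUBSCRIBE", "UNSUBSCRIBE"}
MAX_MAILBOX_LEN = 255  # assumed site policy; the advisory states no length

# One IMAP argument: a trailing literal announcement {n}, a quoted string, or an atom.
_ARG = re.compile(rb'\{(\d+)\+?\}$|"((?:\\.|[^"\\])*)"|([^\s"{]+)')

def mailbox_arg_lengths(line: bytes):
    """Return (command, [length of each mailbox argument]) or None if not relevant."""
    parts = line.rstrip(b"\r\n").split(b" ", 2)  # tag, command, arguments
    if len(parts) < 3:
        return None
    command = parts[1].decode("ascii", "replace").upper()
    if command not in MAILBOX_COMMANDS:
        return None
    lengths = []
    for m in _ARG.finditer(parts[2]):
        if m.group(1) is not None:      # literal: the size is declared up front
            lengths.append(int(m.group(1)))
        elif m.group(2) is not None:    # quoted string: count after unescaping
            lengths.append(len(re.sub(rb"\\(.)", rb"\1", m.group(2))))
        else:                           # atom, or the body of an unterminated quote
            lengths.append(len(m.group(3)))
    return command, lengths

def flag_long_mailbox(lines, limit=MAX_MAILBOX_LEN):
    """Return (line_number, command, length) for every over-limit mailbox argument."""
    hits = []
    for n, line in enumerate(lines, 1):
        parsed = mailbox_arg_lengths(line)
        if parsed:
            command, lengths = parsed
            hits += [(n, command, size) for size in lengths if size > limit]
    return hits

# Constructed sample of client-to-server lines (not captured traffic).
SAMPLE = [
    b'a1 LIST "" "*"\r\n',
    b'a2 SELECT "INBOX"\r\n',
    b"a3 CREATE " + b"A" * 1000 + b"\r\n",
    b'a4 RENAME old "' + b"B" * 600 + b'"\r\n',
    b"a5 SUBSCRIBE {4096}\r\n",
    b"a6 DELETE Drafts\r\n",
]

if __name__ == "__main__":
    for hit in flag_long_mailbox(SAMPLE):
        print(hit)
```

A proxy would reject or drop the connection on a hit before forwarding the command; in log review the same function gives the lines worth investigating.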


Related Identifiers

CVE-2005-3690

Affected Products

Mailenable Enterprise
Mailenable Professional