PT-2007-2392 · Mailenable · Mailenable Professional

Mu-B

Publicado

2007-02-15

Atualizado

2019-10-02

CVE-2007-0955

CVSS v2.0

7.8

Alta

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions: MailEnable Professional versions 2.35 and earlier

Description: The issue allows remote attackers to cause a denial of service, resulting in an application crash. This is achieved by sending certain base64-encoded data following an AUTHENTICATE NTLM command to the imap port (143/tcp), which leads to an out-of-bounds read.

Recommendations: For MailEnable Professional versions 2.35 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2007-0955

Produtos afetados

Mailenable Professional

PT-2007-2392 · Mailenable · Mailenable Professional

CVE-2007-0955

Identificadores relacionados

Produtos afetados

Referências · 12