CVE-2008-1276

Name of the Vulnerable Software and Affected Versions MailEnable Professional Edition versions 3.13 and earlier MailEnable Enterprise Edition versions 3.13 and earlier

Description The issue is related to multiple buffer overflows in the IMAP service, which can be exploited by remote authenticated attackers to execute arbitrary code. This can be achieved by providing long arguments to specific commands, including the FETCH, EXAMINE, and UNSUBSCRIBE commands.

Recommendations For MailEnable Professional Edition versions 3.13 and earlier, update to a version later than 3.13 to resolve the issue. For MailEnable Enterprise Edition versions 3.13 and earlier, update to a version later than 3.13 to resolve the issue. As a temporary workaround, consider restricting access to the IMAP service or limiting the length of arguments to the FETCH, EXAMINE, and UNSUBSCRIBE commands until a patch is available.