PT-2006-2347 · Mailenable · Mailenable Enterprise Edition+2
Published
2006-03-20
·
Updated
2017-07-20
·
CVE-2006-1338
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
MailEnable Standard Edition versions 1.92 and prior
MailEnable Professional Edition versions 1.72 and prior
MailEnable Enterprise Edition versions 1.2 and prior
Description
The issue allows remote attackers to cause a denial of service or potentially execute arbitrary code. This can be achieved through unspecified vectors involving incorrectly encoded quoted-printable emails or a boundary error in the handling of certain POP3 pre-authentication commands. When a malformed quoted-printable email is viewed, it can consume a large amount of CPU resources.
Recommendations
For MailEnable Standard Edition versions 1.92 and prior, update to version 1.93 or later.
For MailEnable Professional Edition versions 1.72 and prior, update to version 1.73 or later.
For MailEnable Enterprise Edition versions 1.2 and prior, update to version 1.21 or later.
Fix
DoS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Mailenable Enterprise Edition
Mailenable Professional Edition
Mailenable Standard Edition