CVE-2005-3690
published 2005-11-19CVE-2005-3690: Stack-based buffer overflow in the IMAP service (meimaps.exe) of MailEnable Professional 1.6 and earlier and Enterprise 1.1 and earlier allows remote attackers…
PriorityP338high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
5.17%
91.4th percentile
Stack-based buffer overflow in the IMAP service (meimaps.exe) of MailEnable Professional 1.6 and earlier and Enterprise 1.1 and earlier allows remote attackers to execute arbitrary code via a long mailbox name in the (1) select, (2) create, (3) delete, (4) rename, (5) subscribe, or (6) unsubscribe commands.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mailenable | mailenable_enterprise | <= 1.1 | — |
| mailenable | mailenable_enterprise | — | — |
| mailenable | mailenable_professional | <= 1.6 | — |
| mailenable | mailenable_professional | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-rvxj-mg82-9qp8: Stack-based buffer overflow in the IMAP service (meimaps
ghsa_unreviewed·2022-05-01
CVE-2005-3690 [HIGH] GHSA-rvxj-mg82-9qp8: Stack-based buffer overflow in the IMAP service (meimaps
Stack-based buffer overflow in the IMAP service (meimaps.exe) of MailEnable Professional 1.6 and earlier and Enterprise 1.1 and earlier allows remote attackers to execute arbitrary code via a long mailbox name in the (1) select, (2) create, (3) delete, (4) rename, (5) subscribe, or (6) unsubscribe commands.
GHSA
GHSA-5hpm-j5wf-6662: IMAP service (meimaps
ghsa_unreviewed·2022-05-01·CVSS 7.5
CVE-2005-3813 [HIGH] GHSA-5hpm-j5wf-6662: IMAP service (meimaps
IMAP service (meimaps.exe) of MailEnable Professional 1.7 and Enterprise 1.1 allows remote authenticated attackers to cause a denial of service (application crash) by using RENAME with a non-existent mailbox, a different vulnerability than CVE-2005-3690.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0581.htmlhttp://secunia.com/advisories/17633http://secunia.com/secunia_research/2005-59/advisory/http://securitytracker.com/id?1015239http://www.mailenable.com/hotfix/http://www.osvdb.org/20929http://www.securityfocus.com/bid/15492http://www.vupen.com/english/advisories/2005/2484https://exchange.xforce.ibmcloud.com/vulnerabilities/23110http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0581.htmlhttp://secunia.com/advisories/17633http://secunia.com/secunia_research/2005-59/advisory/http://securitytracker.com/id?1015239http://www.mailenable.com/hotfix/http://www.osvdb.org/20929http://www.securityfocus.com/bid/15492http://www.vupen.com/english/advisories/2005/2484https://exchange.xforce.ibmcloud.com/vulnerabilities/23110
2005-11-19
Published