Mercur Messaging vulnerabilities
3 known vulnerabilities affecting mercur/mercur_messaging.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2006-1255P3CRITICALCVSS 10.0PoC≤ 2005_5.0_sp32006-03-19
CVE-2006-1255 [CRITICAL] CVE-2006-1255: Stack-based buffer overflow in the IMAP service in Mercur Messaging 5.0 SP3 and earlier allows remot
Stack-based buffer overflow in the IMAP service in Mercur Messaging 5.0 SP3 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string to the (1) LOGIN or (2) SELECT command, a different set of attack vectors and possibly a different vulnerability than CVE-2003-1177.
nvd
CVE-2005-1657P4HIGHCVSS 7.5v2005_sp22005-05-18
CVE-2005-1657 [HIGH] CVE-2005-1657: Multiple directory traversal vulnerabilities in Mercur Messaging 2005 SP2 allow remote attackers to
Multiple directory traversal vulnerabilities in Mercur Messaging 2005 SP2 allow remote attackers to perform unauthorized file operations via the Folder.Id parameter to (1) deletefolder.ctml, (2) deletemessage.ctml, (3) origmessage.ctml, or (4) readmessage.ctml, the Message.Id parameter to editmessage.ctml, or the (5) Message.Command parameter to messages.ctml.
nvd
CVE-2005-1656P4MEDIUMCVSS 5.0v2005_sp22005-05-18
CVE-2005-1656 [MEDIUM] CVE-2005-1656: Mercur Messaging 2005 SP2 allows remote attackers to read the source code of .ctml files via a URL w
Mercur Messaging 2005 SP2 allows remote attackers to read the source code of .ctml files via a URL with a trailing hex-encoded space ("%20").
nvd