CVE-2006-6291 — MEDIUM (6.8)

Q: How severe is CVE-2006-6291?

CVE-2006-6291 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2006-6291?

Check the references section above for vendor advisories and patch information. Affected products include: Mailenable Mailenable.

Vulnerability Description

Stack overflow in the IMAP module (MEIMAPS.EXE) in MailEnable Professional 1.6 through 1.83 and 2.0 through 2.33, and MailEnable Enterprise 1.1 through 1.40 and 2.0 through 2.33, allows remote authenticated users to cause a denial of service (crash) via a long argument containing * (asterisk) and ? (question mark) characters to the DELETE command, as addressed by the ME-10020 hotfix.

CVSS Score

6.8

MEDIUM

AV:N/AC:L/Au:S/C:N/I:N/A:C

Confidentiality

NONE

Integrity

NONE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Mailenable	Mailenable	>= 1.1, <= 1.40

Related Weaknesses (CWE)

CWE-119

References

http://secunia.com/advisories/23080PatchVendor Advisory
http://secunia.com/secunia_research/2006-71/advisory/Vendor Advisory
http://securitytracker.com/id?1017276Third Party AdvisoryVDB Entry
http://securitytracker.com/id?1017319Third Party AdvisoryVDB Entry
http://www.mailenable.com/hotfix/Patch
http://www.securityfocus.com/archive/1/453118/100/100/threadedThird Party AdvisoryVDB Entry
http://www.securityfocus.com/bid/21362Third Party AdvisoryVDB Entry
http://www.vupen.com/english/advisories/2006/4778Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/30614VDB Entry
http://secunia.com/advisories/23080PatchVendor Advisory
http://secunia.com/secunia_research/2006-71/advisory/Vendor Advisory
http://securitytracker.com/id?1017276Third Party AdvisoryVDB Entry
http://securitytracker.com/id?1017319Third Party AdvisoryVDB Entry
http://www.mailenable.com/hotfix/Patch
http://www.securityfocus.com/archive/1/453118/100/100/threadedThird Party AdvisoryVDB Entry

FAQ

What is CVE-2006-6291?

CVE-2006-6291 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Stack overflow in the IMAP module (MEIMAPS.EXE) in MailEnable Professional 1.6 through 1.83 and 2.0 through 2.33, and MailEnable Enterprise 1.1 through 1.40 and 2.0 through 2.33, allows remote authent...

How severe is CVE-2006-6291?

CVE-2006-6291 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2006-6291?

Check the references section above for vendor advisories and patch information. Affected products include: Mailenable Mailenable.