Vulnerability Description
Multiple buffer overflows in the IMAP service (MEIMAPS.EXE) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allow remote authenticated attackers to execute arbitrary code via long arguments to the (1) FETCH, (2) EXAMINE, and (3) UNSUBSCRIBE commands.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mailenable | Mailenable Enterprise | <= 3.13 |
| Mailenable | Mailenable Professional | <= 3.13 |
Related Weaknesses (CWE)
References
- http://aluigi.altervista.org/adv/maildisable-adv.txt
- http://secunia.com/advisories/29277Vendor Advisory
- http://securityreason.com/securityalert/3724
- http://www.securityfocus.com/archive/1/489270/100/0/threaded
- http://www.securityfocus.com/bid/28145Exploit
- http://www.securitytracker.com/id?1019565
- http://www.vupen.com/english/advisories/2008/0799/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41058
- https://www.exploit-db.com/exploits/5249
- http://aluigi.altervista.org/adv/maildisable-adv.txt
- http://secunia.com/advisories/29277Vendor Advisory
- http://securityreason.com/securityalert/3724
- http://www.securityfocus.com/archive/1/489270/100/0/threaded
- http://www.securityfocus.com/bid/28145Exploit
- http://www.securitytracker.com/id?1019565
FAQ
What is CVE-2008-1276?
CVE-2008-1276 is a vulnerability with a CVSS score of 9.0 (HIGH). Multiple buffer overflows in the IMAP service (MEIMAPS.EXE) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allow remote authenticated attackers to execute arbitrary code vi...
How severe is CVE-2008-1276?
CVE-2008-1276 has been rated HIGH with a CVSS base score of 9.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-1276?
Check the references section above for vendor advisories and patch information. Affected products include: Mailenable Mailenable Enterprise, Mailenable Mailenable Professional.