CVE-2005-4456

Published: Dec 21, 2005Modified: Apr 16, 2026

7.8

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability: 10.0 / Impact: 6.9

Source: NVD

Description

Multiple buffer overflows in MailEnable Professional 1.71 and Enterprise 1.1 before patch ME-10009 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long (1) LIST, (2) LSUB, and (3) UID FETCH commands. NOTE: it is possible that these are alternate vectors for the issue described in CVE-2005-4402.

Affected (2)

Products: Mailenable: Mailenable Enterprise, Mailenable Professional

2 products

Mailenable Enterprise

Mailenable Professional

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Mailenable Mailenable Enterprise	Version 1.1
Mailenable Mailenable Professional	Version 1.71

References (6)

http://seclists.org/lists/fulldisclosure/2005/Dec/1036.html

Source: cve@mitre.org

ExploitPatchVendor Advisory

http://secunia.com/advisories/18134

Source: cve@mitre.org

http://www.securityfocus.com/bid/15985

Source: cve@mitre.org

Exploit

http://seclists.org/lists/fulldisclosure/2005/Dec/1036.html

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatchVendor Advisory

http://secunia.com/advisories/18134

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/15985

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

Timeline

No history available yet.