CVE-2006-6291

Published: Dec 5, 2006Modified: Apr 23, 2026

6.8

Vector

AV:N/AC:L/Au:S/C:N/I:N/A:C

Exploitability: 8.0 / Impact: 6.9

Source: NVD

Description

Stack overflow in the IMAP module (MEIMAPS.EXE) in MailEnable Professional 1.6 through 1.83 and 2.0 through 2.33, and MailEnable Enterprise 1.1 through 1.40 and 2.0 through 2.33, allows remote authenticated users to cause a denial of service (crash) via a long argument containing * (asterisk) and ? (question mark) characters to the DELETE command, as addressed by the ME-10020 hotfix.

Affected (4)

Products: Mailenable: Mailenable

1 product

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Mailenable Mailenable	From 1.1 to 1.40
Mailenable Mailenable	From 2.0 to 2.33
Mailenable Mailenable	From 1.6 to 1.83
Mailenable Mailenable	From 2.0 to 2.33

Related CWEs

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (18)

http://secunia.com/advisories/23080

Source: cve@mitre.org

PatchVendor Advisory

http://secunia.com/secunia_research/2006-71/advisory/

Source: cve@mitre.org

Vendor Advisory

http://securitytracker.com/id?1017276

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://securitytracker.com/id?1017319

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://www.mailenable.com/hotfix/

Source: cve@mitre.org

Patch

http://www.securityfocus.com/archive/1/453118/100/100/threaded

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://www.securityfocus.com/bid/21362

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://www.vupen.com/english/advisories/2006/4778

Source: cve@mitre.org

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/30614

Source: cve@mitre.org

VDB Entry

http://secunia.com/advisories/23080

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://secunia.com/secunia_research/2006-71/advisory/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://securitytracker.com/id?1017276

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://securitytracker.com/id?1017319

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.mailenable.com/hotfix/

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.securityfocus.com/archive/1/453118/100/100/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.securityfocus.com/bid/21362

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.vupen.com/english/advisories/2006/4778

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/30614

Source: af854a3a-2127-422b-91ae-364da2661108

VDB Entry

Timeline

No history available yet.