Mailcarrier

mailcarrier

Vendor: Tabslab • 4 CVEs

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-25646 1Tabslab 1Mailcarrier Mar 25, 2026 Mar 24, 2026 9.3 CRITICAL· v4 9.8 CRITICAL· v3 N/A· v2 Tabs Mail Carrier 2.5.1 contains a buffer overflow vulnerability in the MAIL FROM SMTP command that allows remote attackers to execute arbitrary code by sending a crafted MAIL FROM parameter. Attackers can connect to the...Show more Tabs Mail Carrier 2.5.1 contains a buffer overflow vulnerability in the MAIL FROM SMTP command that allows remote attackers to execute arbitrary code by sending a crafted MAIL FROM parameter. Attackers can connect to the SMTP service on port 25 and send a malicious MAIL FROM command with an oversized buffer to overwrite the EIP register and execute a bind shell payload.Show less
CVE-2019-25364 1Tabslab 1Mailcarrier Feb 24, 2026 Feb 18, 2026 9.3 CRITICAL· v4 9.8 CRITICAL· v3 N/A· v2 MailCarrier 2.51 contains a buffer overflow vulnerability in the POP3 USER command that allows remote attackers to execute arbitrary code. Attackers can send a crafted oversized buffer to the POP3 service, overwriting me...Show more MailCarrier 2.51 contains a buffer overflow vulnerability in the POP3 USER command that allows remote attackers to execute arbitrary code. Attackers can send a crafted oversized buffer to the POP3 service, overwriting memory and potentially gaining remote system access.Show less
CVE-2019-11682 1Tabslab 1Mailcarrier Nov 21, 2024 May 2, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A buffer overflow in the SMTP response service in MailCarrier 2.51 allows the attacker to execute arbitrary code remotely via a long HELP command, a related issue to CVE-2019-11395.
CVE-2019-11395 1Tabslab 1Mailcarrier Nov 21, 2024 Apr 22, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A buffer overflow in MailCarrier 2.51 allows remote attackers to execute arbitrary code via a long string, as demonstrated by SMTP RCPT TO, POP3 USER, POP3 LIST, POP3 TOP, or POP3 RETR.