Double Precision Incorporated

double_precision_incorporated

8 CVEs • 4 products

Products (4)

Click to collapse

Toggle

Courier Mail Server

courier_mail_server

CVEs (8)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2007-2173 1Double Precision Incorporated 1Courier Imap Apr 23, 2026 Apr 24, 2007 N/A· v4 N/A· v3 10.0 HIGH· v2 Eval injection vulnerability in (1) courier-imapd.indirect and (2) courier-pop3d.indirect in Courier-IMAP before 4.0.6-r2, and 4.1.x before 4.1.2-r1, on Gentoo Linux allows remote attackers to execute arbitrary commands...Show more Eval injection vulnerability in (1) courier-imapd.indirect and (2) courier-pop3d.indirect in Courier-IMAP before 4.0.6-r2, and 4.1.x before 4.1.2-r1, on Gentoo Linux allows remote attackers to execute arbitrary commands via the XMAILDIR variable, related to the LOGINRUN variable.Show less
CVE-2006-2659 1Double Precision Incorporated 1Courier Mta Apr 16, 2026 May 30, 2006 N/A· v4 N/A· v3 7.8 HIGH· v2 libs/comverp.c in Courier MTA before 0.53.2 allows attackers to cause a denial of service (CPU consumption) via unknown vectors involving usernames that contain the "=" (equals) character, which is not properly handled d...Show more libs/comverp.c in Courier MTA before 0.53.2 allows attackers to cause a denial of service (CPU consumption) via unknown vectors involving usernames that contain the "=" (equals) character, which is not properly handled during encoding.Show less
CVE-2005-3532 1Double Precision Incorporated 1Courier Mail Server Apr 16, 2026 Dec 11, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 authpam.c in courier-authdaemon for Courier Mail Server 0.37.3 through 0.52.1, when using pam_tally, does not call the pam_acct_mgmt function to verify that access should be granted, which allows attackers to authenticat...Show more authpam.c in courier-authdaemon for Courier Mail Server 0.37.3 through 0.52.1, when using pam_tally, does not call the pam_acct_mgmt function to verify that access should be granted, which allows attackers to authenticate to the server using accounts that have been disabled.Show less
CVE-2005-2151 1Double Precision Incorporated 1Courier Mail Server Apr 16, 2026 Jul 6, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 spf.c in Courier Mail Server does not properly handle DNS failures when looking up Sender Policy Framework (SPF) records, which could allow attackers to cause memory corruption.
CVE-2004-0224 3Double Precision Incorporated GentooInter7 4Courier Imap Courier MtaLinux+1 more Apr 16, 2026 Apr 15, 2004 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple buffer overflows in (1) iso2022jp.c or (2) shiftjis.c for Courier-IMAP before 3.0.0, Courier before 0.45, and SqWebMail before 4.0.0 may allow remote attackers to execute arbitrary code "when Unicode character i...Show more Multiple buffer overflows in (1) iso2022jp.c or (2) shiftjis.c for Courier-IMAP before 3.0.0, Courier before 0.45, and SqWebMail before 4.0.0 may allow remote attackers to execute arbitrary code "when Unicode character is out of BMP range."Show less
CVE-2003-0040 2Double Precision Incorporated Inter7 2Courier Imap Courier Mta Apr 16, 2026 Feb 19, 2003 N/A· v4 N/A· v3 7.5 HIGH· v2 SQL injection vulnerability in the PostgreSQL auth module for courier 0.40 and earlier allows remote attackers to execute SQL code via the user name.
CVE-2002-1311 1Double Precision Incorporated 1Courier Mta Apr 16, 2026 Nov 29, 2002 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Courier sqwebmail before 0.40.0 does not quickly drop privileges after startup in certain cases, which could allow local users to read arbitrary files.
CVE-2002-0914 1Double Precision Incorporated 1Courier Mta Apr 16, 2026 Oct 4, 2002 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Double Precision Courier e-mail MTA allows remote attackers to cause a denial of service (CPU consumption) via a message with an extremely large or negative value for the year, which causes a tight loop.