Denial of Service in MailEnable Professional and Enterprise Editions
CVE-2008-1277

Currently unrated

Key Information:

Vendor

Mailenable

Status
Mailenable Enterprise
Mailenable Professional
Vendor
CVE Published:
10 March 2008

What is CVE-2008-1277?

The IMAP service in MailEnable Professional and Enterprise Editions prior to version 3.13 is vulnerable to denial of service attacks. Remote attackers can exploit this vulnerability by sending specially crafted SEARCH and APPEND commands without required arguments. This leads to a NULL pointer dereference, ultimately causing the service to crash, disrupting communication for users relying on MailEnable for their email services.

References

http://secunia.com/advisories/29277
third-party-advisoryx_refsource_SECUNIA
http://aluigi.altervista.org/adv/maildisable-adv.txt
x_refsource_MISC
http://www.vupen.com/english/advisories/2008/0799/references
vdb-entryx_refsource_VUPEN

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.