CVE-2005-1349

Convert::UUlib < 1.050 - Buffer Overflow via Malformed Read Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-1349. PoCs published by CorryL.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in MailEnable (Enterprise & Professional) via an HTTP request with a maliciously crafted Authorization header. It delivers a shellcode payload to add an administrator user (hack/hack).

Description

Buffer overflow in Convert-UUlib (Convert::UUlib) before 1.051 allows remote attackers to execute arbitrary code via a malformed parameter to a read operation.

Exploits (1)

exploitdb WORKING POC VERIFIED
by CorryL · perlremotelinux
https://www.exploit-db.com/exploits/25547

This exploit targets a buffer overflow vulnerability in MailEnable (Enterprise & Professional) via an HTTP request with a maliciously crafted Authorization header. It delivers a shellcode payload to add an administrator user (hack/hack).

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: MailEnable (Enterprise & Professional)
No auth needed
Prerequisites: Network access to the target's MailEnable HTTPS service (port 8080) · Vulnerable version of MailEnable installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/13401
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/20275
Patch third-party-advisory x_refsource_secunia
http://secunia.com/advisories/15130
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2006:022
Third Party Advisory vendor-advisory x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200504-26.xml

Scores

EPSS 0.1284
EPSS Percentile 95.8%

Details

Status published
Products (1)
perl/convert_uulib < 1.050
Published May 02, 2005
Tracked Since Feb 18, 2026