CVE-2008-1276

MailEnable <3.13 - Buffer Overflow

Title source: llm

Description

Multiple buffer overflows in the IMAP service (MEIMAPS.EXE) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allow remote authenticated attackers to execute arbitrary code via long arguments to the (1) FETCH, (2) EXAMINE, and (3) UNSUBSCRIBE commands.

Exploits (1)

exploitdb WORKING POC VERIFIED

by haluznik · perlremotewindows

https://www.exploit-db.com/exploits/5249

View Code ZIP pw:eip

References (9)

[Vendor Advisory] http://secunia.com/advisories/29277

[Third Party Advisory] http://aluigi.altervista.org/adv/maildisable-adv.txt

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/5249

[Third Party Advisory] http://www.vupen.com/english/advisories/2008/0799/references

[Third Party Advisory] http://securityreason.com/securityalert/3724

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/489270/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1019565

[Exploit] http://www.securityfocus.com/bid/28145

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/41058

Scores

EPSS 0.1315

EPSS Percentile 94.1%

Details

CWE

CWE-119

Status published

Products (2)

mailenable/mailenable_enterprise < 3.13

mailenable/mailenable_professional < 3.13

Published Mar 10, 2008

Tracked Since Feb 18, 2026