CVE-2006-6024
https://notcve.org/view.php?id=CVE-2006-6024
Multiple buffer overflows in Eudora Worldmail, possibly Worldmail 3 version 6.1.22.0, have unknown impact and attack vectors, as demonstrated by the (1) "Eudora WorldMail stack overflow" and (2) "Eudora WorldMail heap overflow" modules in VulnDisco Pack. NOTE: Some of these details are obtained from third party information. As of 20061118, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. Múltiples desbordamientos de búfer en Eudora Worldmail, posiblemente Worldmail 3 versión 6.1.22.0, tiene impacto y vectores de ataque desconocidos, como ha sido demostrado por los módulos (1) "Eudora WorldMail stack overflow" and (2) "Eudora WorldMail heap overflow" en VulnDisco Pack. • http://secunia.com/advisories/22832 http://web.archive.org/web/20060502082657/http://www.gleg.net/vulndisco_pack_standard.shtml http://www.securityfocus.com/bid/21095 •
CVE-2006-0637 – Eudora Qualcomm WorldMail 3.0 - 'IMAPd' Remote Overflow
https://notcve.org/view.php?id=CVE-2006-0637
Buffer overflow in cram.dll in QUALCOMM Eudora WorldMail 3.0 allows remote attackers to execute arbitrary code via an IMAP APPEND command with a long message literal argument, as demonstrated by Worldmail.pl. NOTE: this is a different vector and a different manipulation than CVE-2005-4267, so it might be a different vulnerability than CVE-2005-4267. • https://www.exploit-db.com/exploits/1380 http://www.securityfocus.com/archive/1/424157/100/0/threaded •
CVE-2005-4267 – Eudora Qualcomm WorldMail 3.0 - 'IMAPd' Remote Overflow
https://notcve.org/view.php?id=CVE-2005-4267
Stack-based buffer overflow in Qualcomm WorldMail 3.0 allows remote attackers to execute arbitrary code via a long IMAP command that ends with a "}" character, as demonstrated using long (1) LIST, (2) LSUB, (3) SEARCH TEXT, (4) STATUS INBOX, (5) AUTHENTICATE, (6) FETCH, (7) SELECT, and (8) COPY commands. • https://www.exploit-db.com/exploits/1380 https://www.exploit-db.com/exploits/16474 http://seclists.org/lists/fulldisclosure/2005/Dec/1037.html http://secunia.com/advisories/17640 http://securityreason.com/securityalert/277 http://securitytracker.com/id?1015391 http://www.idefense.com/intelligence/vulnerabilities/display.php?id=359 http://www.securityfocus.com/bid/15980 http://www.vupen.com/english/advisories/2005/3005 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2005-3189 – Qualcomm WorldMail Server 3.0 - Directory Traversal
https://notcve.org/view.php?id=CVE-2005-3189
Directory traversal vulnerability in Qualcomm WorldMail IMAP Server allows remote attackers to read arbitrary email messages via ".." sequences in the SELECT command. • https://www.exploit-db.com/exploits/26536 http://secunia.com/advisories/17640 http://securityreason.com/securityalert/192 http://securitytracker.com/id?1015236 http://www.idefense.com/application/poi/display?id=341&type=vulnerabilities http://www.securityfocus.com/bid/15488 http://www.vupen.com/english/advisories/2005/2479 •