5 results (0.003 seconds)

CVSS: 10.0EPSS: 21%CPEs: 1EXPL: 1

WebContainer.exe 1.0.0.336 and earlier in SLMail Pro 6.3.1.0 and earlier allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a long URI in HTTP requests to TCP port 801. NOTE: some of these details are obtained from third party information. WebContainer.exe 1.0.0.336 y versiones anteriores, en SLMail Pro 6.3.1.0 y versiones anteriores, permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de demonio) o posiblemente ejecutar código de su elección a través de una URI larga en una petición HTTP al puerto TCP 801. NOTA: algún detalle ha sido obtenido de información de terceros. • https://www.exploit-db.com/exploits/31563 http://aluigi.org/poc/slmaildos.zip http://secunia.com/advisories/29614 http://www.securityfocus.com/bid/28505 http://www.vupen.com/english/advisories/2008/1039/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41531 • CWE-399: Resource Management Errors •

CVSS: 5.0EPSS: 2%CPEs: 6EXPL: 2

Stack consumption vulnerability in WebContainer.exe 1.0.0.336 and earlier in SLMail Pro 6.3.1.0 and earlier allows remote attackers to cause a denial of service (daemon crash) via a long request header in an HTTP request to TCP port 801. NOTE: some of these details are obtained from third party information. Vulnerabilidad de agotamiento de pila de WebContainer.exe 1.0.0.336 y versiones anteriores, en SLMail Pro 6.3.1.0 y versiones anteriores, permite a atacantes remotos provocar una denegación de servicio (caída del demonio) mediante una cabecera de una petición larga en una petición HTTP al puerto TCP 801. NOTA: algún detalle ha sido obtenido de información de terceros. • http://aluigi.altervista.org/adv/slmaildos-adv.txt http://aluigi.org/poc/slmaildos.zip http://secunia.com/advisories/29614 http://www.securityfocus.com/bid/28505 http://www.vupen.com/english/advisories/2008/1039/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41532 • CWE-399: Resource Management Errors •

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0

Unspecified vulnerability in SLMail.exe in SLMail Pro 6.3.1.0 and earlier allows remote attackers to cause a denial of service (UDP service outage) via a large packet to UDP port 54. NOTE: some of these details are obtained from third party information. Vulnerabilidad sin especificar en SLMail.exe de SLMail Pro 6.3.1.0 y versiones anteriores, permite a atacantes remotos provocar una denegación de servicio (parada del servicio UDP) mediante un paquete largo al puerto UDP 54. NOTA: algún detalle ha sido obtenido de información de terceros. • http://aluigi.altervista.org/adv/slmaildos-adv.txt http://secunia.com/advisories/29614 http://www.securityfocus.com/bid/28505 http://www.vupen.com/english/advisories/2008/1039/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41533 • CWE-20: Improper Input Validation •

CVSS: 10.0EPSS: 4%CPEs: 10EXPL: 1

Stack-based buffer overflow in Supervisor Report Center in SL Mail Pro 2.0.9 and earlier allows remote attackers to execute arbitrary code via an HTTP request with a long HTTP sub-version. • http://216.26.170.92/Download/webfiles/Patches/SLMPPatch-2.0.14.pdf http://marc.info/?l=bugtraq&m=107850488326232&w=2 http://www.nextgenss.com/advisories/slmailsrc.txt http://www.securityfocus.com/bid/9809 https://exchange.xforce.ibmcloud.com/vulnerabilities/15398 •

CVSS: 10.0EPSS: 5%CPEs: 1EXPL: 0

Stack-based buffer overflows in SL Mail Pro 2.0.9 allow remote attackers to execute arbitrary code via (1) user.dll, (2) loadpageadmin.dll or (3) loadpageuser.dll. • http://216.26.170.92/Download/webfiles/Patches/SLMPPatch-2.0.14.pdf http://marc.info/?l=bugtraq&m=107850432827699&w=2 http://www.nextgenss.com/advisories/slmailwm.txt http://www.securityfocus.com/bid/9808 https://exchange.xforce.ibmcloud.com/vulnerabilities/15399 •