Page 2 of 12 results (0.004 seconds)

CVSS: 10.0EPSS: 5%CPEs: 1EXPL: 0

Stack-based buffer overflows in SL Mail Pro 2.0.9 allow remote attackers to execute arbitrary code via (1) user.dll, (2) loadpageadmin.dll or (3) loadpageuser.dll. • http://216.26.170.92/Download/webfiles/Patches/SLMPPatch-2.0.14.pdf http://marc.info/?l=bugtraq&m=107850432827699&w=2 http://www.nextgenss.com/advisories/slmailwm.txt http://www.securityfocus.com/bid/9808 https://exchange.xforce.ibmcloud.com/vulnerabilities/15399 •

CVSS: 7.5EPSS: 24%CPEs: 1EXPL: 9

Multiple buffer overflows in SLMail 5.1.0.4420 allows remote attackers to execute arbitrary code via (1) a long EHLO argument to slmail.exe, (2) a long XTRN argument to slmail.exe, (3) a long string to POPPASSWD, or (4) a long password to the POP3 server. Múltiples desbordamientos de búfer en SLMail 5.1.0.4420 permite que atacantes remotos ejecuten código arbitrario mediante (1) un argumento EHLO largo a slmail.exe, (2) un argumento XTRN largo a slmail.exe, (3) una cadena larga para POPPASSWD, o (4) un password largo para el servidor POP3. • https://github.com/mednic/slmail-exploit https://www.exploit-db.com/exploits/638 https://www.exploit-db.com/exploits/643 https://www.exploit-db.com/exploits/646 https://www.exploit-db.com/exploits/16399 https://github.com/nobodyatall648/CVE-2003-0264 https://github.com/war4uthor/CVE-2003-0264 https://github.com/adenkiewicz/CVE-2003-0264 https://github.com/pwncone/CVE-2003-0264-SLmail-5.5 http://marc.info/?l=bugtraq&m=105232506011335&w=2 http://marc.info/ •

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 1

The EMURL web-based email account software encodes predictable identifiers in user session URLs, which allows a remote attacker to access a user's email account. • https://www.exploit-db.com/exploits/19914 http://archives.neohapsis.com/archives/bugtraq/2000-05/0160.html http://www.securityfocus.com/bid/1203 •

CVSS: 7.5EPSS: 3%CPEs: 1EXPL: 0

Seattle Labs Emurl 2.0, and possibly earlier versions, stores e-mail attachments in a specific directory with scripting enabled, which allows a malicious ASP file attachment to execute when the recipient opens the message. • http://marc.info/?l=ntbugtraq&m=93316253431588&w=2 http://www.securityfocus.com/bid/544 •

CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0

SLMail 3.1 and 3.2 allows local users to access any file in the NTFS file system when the Remote Administration Service (RAS) is enabled by setting a user's Finger File to point to the target file, then running finger on the user. • http://marc.info/?l=bugtraq&m=91996412724720&w=2 http://marc.info/?l=ntbugtraq&m=91999015212415&w=2 http://marc.info/?l=ntbugtraq&m=92110501504997&w=2 http://www.securityfocus.com/bid/497 https://exchange.xforce.ibmcloud.com/vulnerabilities/5392 •