Page 3 of 18 results (0.002 seconds)

CVSS: 7.5EPSS: 7%CPEs: 8EXPL: 1

CVE-2004-0777 – Courier-IMAP 3.0.2-r1 - 'auth_debug()' Remote Format String

https://notcve.org/view.php?id=CVE-2004-0777

Format string vulnerability in the auth_debug function in Courier-IMAP 1.6.0 through 2.2.1 and 3.x through 3.0.3, when login debugging (DEBUG_LOGIN) is enabled, allows remote attackers to execute arbitrary code. Vulnerabilidad de cadena de formato en la función auth_debug en Courier-IMAP 1.6.0 a 2.2.1, cuando se activa el registro de depuración (DEBUG_LOGIN), permite a atacantes remotos ejecutar código de su elección. • https://www.exploit-db.com/exploits/432 http://security.gentoo.org/glsa/glsa-200408-19.xml http://www.securityfocus.com/bid/10976 http://www.trustix.net/errata/2004/0043 http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=131 https://exchange.xforce.ibmcloud.com/vulnerabilities/17034 • CWE-134: Use of Externally-Controlled Format String •

CVSS: 6.8EPSS: 91%CPEs: 1EXPL: 2

CVE-2004-0591 – SqWebMail 4.0.4.20040524 - Email Header HTML Injection

https://notcve.org/view.php?id=CVE-2004-0591

Cross-site scripting (XSS) vulnerability in the print_header_uc function for SqWebMail 4.0.4 and earlier, and possibly 3.x, allows remote attackers to inject arbitrary web script or HRML via (1) e-mail headers or (2) a message with a "message/delivery-status" MIME Content-Type. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en la función print_header_uc de SqWebMail 4.0.4 y anteriores, y posiblemente 3.x, permite a atacantes remotos inyectar script web arbitrario o HTML mediante (1) cabeceras de correo electrónico o (2) un mensaje con un "message/delivery-status" MIME Content-Type. • https://www.exploit-db.com/exploits/24227 http://marc.info/?l=bugtraq&m=108786212220140&w=2 http://secunia.com/advisories/11918 http://www.debian.org/security/2004/dsa-533 http://www.gentoo.org/security/en/glsa/glsa-200408-02.xml http://www.securityfocus.com/bid/10588 https://exchange.xforce.ibmcloud.com/vulnerabilities/16467 •

CVSS: 7.5EPSS: 4%CPEs: 22EXPL: 0

CVE-2004-0224

https://notcve.org/view.php?id=CVE-2004-0224

Multiple buffer overflows in (1) iso2022jp.c or (2) shiftjis.c for Courier-IMAP before 3.0.0, Courier before 0.45, and SqWebMail before 4.0.0 may allow remote attackers to execute arbitrary code "when Unicode character is out of BMP range." Múltiples desobordamientos de búfer en (1) iso2022jp.c o (2) shiftjis.c de Courier-IMAP anteriores a 3.0.0, Courier anteriores a 0.45, y SQWebMail anteriores a 4.0.0 pueden permitir a atacantes remotos ejecutar código arbitrario "cuando el carácter Unicode está fuera de rango BMP". • http://secunia.com/advisories/11087 http://sourceforge.net/project/shownotes.php?release_id=5767 http://www.securityfocus.com/bid/9845 https://exchange.xforce.ibmcloud.com/vulnerabilities/15434 •

CVSS: 4.6EPSS: 0%CPEs: 6EXPL: 3

CVE-2002-1414 – qmailadmin 1.0.x - Local Buffer Overflow

https://notcve.org/view.php?id=CVE-2002-1414

Buffer overflow in qmailadmin allows local users to gain privileges via a long QMAILADMIN_TEMPLATEDIR environment variable. Desbordamiento de búfer en qmailadmin permite a usuarios locales ganar privilegios mediante una varibale de entorno QMAILADMIN_TEMPLATEDIR larga. • https://www.exploit-db.com/exploits/21683 http://archives.neohapsis.com/archives/bugtraq/2002-08/0016.html http://marc.info/?l=vuln-dev&m=102859603029424&w=2 http://www.inter7.com/qmailadmin/ChangeLog http://www.iss.net/security_center/static/9786.php http://www.securityfocus.com/bid/5404 •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2003-0040

https://notcve.org/view.php?id=CVE-2003-0040

SQL injection vulnerability in the PostgreSQL auth module for courier 0.40 and earlier allows remote attackers to execute SQL code via the user name. Vulnerabilidad de inyección de SQL en módulo auth de PostgreSQL en courier 0.40 y anteriores permite a atacantes remotos ejecutar código SQL mediante el nombre de usuario. • http://www.debian.org/security/2003/dsa-247 http://www.securityfocus.com/bid/6738 https://exchange.xforce.ibmcloud.com/vulnerabilities/11213 •