NotCVE - vendor:"Icewarp" product:"Mail Server" version:"12.3.0.1"

6 results (0.004 seconds)

CVSS: 6.4EPSS: 12%CPEs: 2EXPL: 0

CVE-2021-36580

https://notcve.org/view.php?id=CVE-2021-36580

27 Jul 2023 — Open Redirect vulnerability exists in IceWarp MailServer IceWarp Server Deep Castle 2 Update 1 (13.0.1.2) via the referer parameter. • http://icewarp.com • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •

CVSS: 8.8EPSS: 3%CPEs: 1EXPL: 2

CVE-2020-14066

https://notcve.org/view.php?id=CVE-2020-14066

15 Jul 2020 — IceWarp Email Server 12.3.0.1 allows remote attackers to upload JavaScript files that are dangerous for clients to access. IceWarp Email Server versión 12.3.0.1, permite a atacantes remotos cargar archivos JavaScript que son peligrosos para que los clientes accedan • https://github.com/pinpinsec/CVE-2020-14066 • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 6.5EPSS: 2%CPEs: 1EXPL: 2

CVE-2020-14065

https://notcve.org/view.php?id=CVE-2020-14065

15 Jul 2020 — IceWarp Email Server 12.3.0.1 allows remote attackers to upload files and consume disk space. IceWarp Email Server versión 12.3.0.1, permite a atacantes remotos cargar archivos y consumir espacio en disco • https://github.com/pinpinsec/CVE-2020-14065 • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

CVE-2020-14064

https://notcve.org/view.php?id=CVE-2020-14064

15 Jul 2020 — IceWarp Email Server 12.3.0.1 has Incorrect Access Control for user accounts. IceWarp Email Server versión 12.3.0.1, presenta un Control de Acceso Incorrecto para las cuentas de usuario • https://github.com/networksecure/CVE-2020-14064 • CWE-668: Exposure of Resource to Wrong Sphere •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2008-2049

https://notcve.org/view.php?id=CVE-2008-2049

01 May 2008 — The POP3 server (EPSTPOP3S.EXE) 4.22 in E-Post Mail Server 4.10 allows remote attackers to obtain sensitive information via multiple crafted APOP commands for a known POP3 account, which displays the password in a POP3 error message. El servidor POP3 (EPSTPOP3S.EXE) 4.22 en E-Post Mail Server 4.10 permite a atacantes remotos conseguir información sensible a través de múltiples comandos APOP manipulados para una cuenta POP3 conocida, la cual mostrará la contraseña en un mensaje de error del POP3. • http://secunia.com/advisories/29990 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.8EPSS: 4%CPEs: 6EXPL: 0

CVE-2006-0447

https://notcve.org/view.php?id=CVE-2006-0447

27 Jan 2006 — Multiple buffer overflows in E-Post Mail Server 4.10 and SPA-PRO Mail @Solomon 4.00 allow remote attackers to execute arbitrary code via a long username to the (1) AUTH PLAIN or (2) AUTH LOGIN SMTP commands, which is not properly handled by (a) EPSTRS.EXE or (b) SPA-RS.EXE; (3) a long username in the APOP POP3 command, which is not properly handled by (c) EPSTPOP4S.EXE or (d) SPA-POP3S.EXE; (4) a long IMAP DELETE command, which is not properly handled by (e) EPSTIMAP4S.EXE or (f) SPA-IMAP4S.EXE. Múltiples d... • http://secunia.com/advisories/18480 •