Approved changes feed: RSS · Atom

cpe:2.3:a:mailenable:mailenable:*:*:*:*:professional:*:*:*

part: a version: * update: *

VendorMailenable (ac781917-bc09-5845-a37c-c45d67bfa524)
ProductMailenable (9e2ec56e-3deb-5201-b101-fcc46de7b710)
Edition*
Language*
Software editionprofessional
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2022-42136 vulnerable 2026-06-08 05:49:29.510658 Details available
Authenticated mail users, under specific circumstances, could add files with unsanitized content in public folders where the IIS user had permission to access. That action, could lead an attacker to store arbitrary code on that files and execute RCE commands.
Published: 2023-01-13T00:00:00.000Z
Updated: 2025-04-07T18:57:17.268Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2007-0955 vulnerable 2026-06-08 04:49:33.868599 Details available
The NTLM_UnPack_Type3 function in MENTLM.dll in MailEnable Professional 2.35 and earlier allows remote attackers to cause a denial of service (application crash) via certain base64-encoded data following an AUTHENTICATE NTLM command to the imap port (143/tcp), which results in an out-of-bounds read.
Published: 2007-02-15T02:00:00.000Z
Updated: 2024-08-07T12:34:21.422Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2006-6291 vulnerable 2026-06-08 04:49:28.584841 Details available
Stack overflow in the IMAP module (MEIMAPS.EXE) in MailEnable Professional 1.6 through 1.83 and 2.0 through 2.33, and MailEnable Enterprise 1.1 through 1.40 and 2.0 through 2.33, allows remote authenticated users to cause a denial of service (crash) via a long argument containing * (asterisk) and ? (question mark) characters to the DELETE command, as addressed by the ME-10020 hotfix.
Published: 2006-12-05T11:00:00.000Z
Updated: 2024-08-07T20:19:35.214Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.