Lucene search

[email protected]CVE-2006-1255

HistoryMar 19, 2006 - 1:02 a.m.

CVE-2006-1255

2006-03-1901:02:00

[email protected]

web.nvd.nist.gov

cve-2006-1255

buffer overflow

imap

mercur messaging

remote attack

denial of service

arbitrary code

security vulnerability

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

Low

0.895 High

EPSS

Percentile

98.8%

JSON

Stack-based buffer overflow in the IMAP service in Mercur Messaging 5.0 SP3 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string to the (1) LOGIN or (2) SELECT command, a different set of attack vectors and possibly a different vulnerability than CVE-2003-1177.

Affected configurations

NVD

Node

mercurmercur_messagingRange≤2005_5.0_sp3

CPENameOperatorVersion
mercur:mercur_messagingmercur mercur messagingle2005_5.0_sp3

CPE	Name	Operator	Version
mercur:mercur_messaging	mercur mercur messaging	le	2005_5.0_sp3

References

seclists.org/fulldisclosure/2006/Mar/1111

seclists.org/fulldisclosure/2006/Mar/1167

secunia.com/advisories/19267

www.osvdb.org/23950

www.securityfocus.com/bid/17138

www.vupen.com/english/advisories/2006/0977

exchange.xforce.ibmcloud.com/vulnerabilities/25290

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

Low

0.895 High

EPSS

Percentile

98.8%

JSON

Related for CVE-2006-1255

prion1 cvelist2 nvd2 canvas1 saint4 nessus2 packetstorm2 openvas2 cve1 checkpoint_advisories1