Vulnerability Report

CVE-2008-1276

RCE

Title: Mailenable Mailenable Professional RCE

RCE

Proof Of Concept

PoC Available for CVE-2008-1276

CWE Category CWE-119
Published Date Mar 10, 2008
Modified Date Apr 09, 2025
Exploit Status Available
Score 9.0 CVSS v2.0
Exploit Probability (EPSS)
13.14%

Vulnerability Summary

CVE-2008-1276: Multiple buffer overflows in the IMAP service (MEIMAPS.EXE) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allow remote authenticated attackers to execute arbitrary code via long arguments to the (1) FETCH, (2) EXAMINE, and (3) UNSUBSCRIBE commands.

Impacted Vendors

M
mailenable 2

Reference Links

http://aluigi.altervista.org/adv/maildisable-adv.txt http://secunia.com/advisories/29277 http://securityreason.com/securityalert/3724 http://www.securityfocus.com/archive/1/489270/100/0/threaded http://www.securityfocus.com/bid/28145 http://www.securitytracker.com/id?1019565 http://www.vupen.com/english/advisories/2008/0799/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41058 https://www.exploit-db.com/exploits/5249 http://aluigi.altervista.org/adv/maildisable-adv.txt http://secunia.com/advisories/29277 http://securityreason.com/securityalert/3724 http://www.securityfocus.com/archive/1/489270/100/0/threaded http://www.securityfocus.com/bid/28145 http://www.securitytracker.com/id?1019565 http://www.vupen.com/english/advisories/2008/0799/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41058 https://www.exploit-db.com/exploits/5249
CVSS v2.0
Source Entity [email protected]
Severity HIGH
9.0
Access Vector
N/A
Authentication
N/A
RAW VECTOR AV:N/AC:L/Au:S/C:C/I:C/A:C

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2008-1276 Exploits & PoCs (Proof Of Concept)

Exploit-DB https://www.exploit-db.com/exploits/5249
View Code
MODIFIED

Vulnerability data or affected products updated.

PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector N/A
Complexity N/A
Privileges N/A
Interaction NONE
CVSS Vector String AV:N/AC:L/Au:S/C:C/I:C/A:C

Affected Stack

No specific products linked.