Incredimail : Security Vulnerabilities, CVEs, (Denial of service)
Buffer overflow in the Authenticate method in the INCREDISPOOLERLib.Pop ActiveX control in ImSpoolU.dll in IncrediMail 2.0 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long string in the first argument.
Max CVSS
7.5
EPSS Score
2.43%
Published
2013-08-25
Updated
2013-08-27
Incredimail build 5853710 does not properly handle (1) multipart/mixed e-mail messages with many MIME parts and possibly (2) e-mail messages with many "Content-type: message/rfc822;" headers, which allows remote attackers to cause a denial of service (stack consumption or other resource consumption) via a large e-mail message, a related issue to CVE-2006-1173.
Max CVSS
4.3
EPSS Score
0.69%
Published
2008-12-11
Updated
2018-10-11
2 vulnerabilities found