Vulnerability Details : CVE-2005-1348
Public exploit exists!
Buffer overflow in HTTPMail in MailEnable Enterprise 1.04 and earlier and Professional 1.54 and earlier allows remote attackers to execute arbitrary code via a long HTTP Authorization header.
Vulnerability category: OverflowExecute code
Exploit prediction scoring system (EPSS) score for CVE-2005-1348
89.91%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 99 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2005-1348
-
MailEnable Authorization Header Buffer Overflow
Disclosure Date: 2005-04-24First seen: 2020-04-26exploit/windows/http/mailenable_auth_headerThis module exploits a remote buffer overflow in the MailEnable web service. The vulnerability is triggered when a large value is placed into the Authorization header of the web request. MailEnable Enterprise Edition versions prior to 1.0.5 and MailEnable Professio
CVSS scores for CVE-2005-1348
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2005-1348
Products affected by CVE-2005-1348
- cpe:2.3:a:mailenable:mailenable_enterprise:*:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:*:*:*:*:*:*:*:*