David Harris : Security Vulnerabilities, CVEs, (Code Execution) CVSS score >= 6
Stack-based buffer overflow in IMAPD in Mercury/32 4.52 allows remote authenticated users to execute arbitrary code via a long argument in a SEARCH ON command. NOTE: this issue might overlap with CVE-2004-1211.
Max CVSS
6.0
EPSS Score
7.70%
Published
2007-09-20
Updated
2017-09-29
CVE-2005-4411
Public exploit
Buffer overflow in Mercury Mail Transport System 4.01b allows remote attackers to execute arbitrary code via a long request to TCP port 105.
Max CVSS
7.5
EPSS Score
94.46%
Published
2005-12-20
Updated
2017-10-19
CVE-2004-1211
Public exploit
Multiple buffer overflows in the IMAP service in Mercury/32 4.01a allow remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via long arguments to the (1) EXAMINE, (2) SUBSCRIBE, (3) STATUS, (4) APPEND, (5) CHECK, (6) CLOSE, (7) EXPUNGE, (8) FETCH, (9) RENAME, (10) DELETE, (11) LIST, (12) SEARCH, (13) CREATE, or (14) UNSUBSCRIBE commands.
Max CVSS
10.0
EPSS Score
96.37%
Published
2005-01-10
Updated
2017-07-11
Buffer overflow in Pegasus mail client 4.01 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long (1) To or (2) From headers.
Max CVSS
7.5
EPSS Score
1.79%
Published
2002-10-04
Updated
2008-09-05
Buffer overflow in Mercury MTA POP3 server for NetWare 1.48 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long APOP command.
Max CVSS
7.5
EPSS Score
3.31%
Published
2001-06-27
Updated
2008-09-05
5 vulnerabilities found