CVE-2006-6425
Public exploit
Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via unspecified vectors involving the APPEND command.
Max CVSS
9.0
EPSS Score
16.33%
Published
2006-12-27
Updated
2018-10-17
CVE-2006-6424
Public exploit
Multiple buffer overflows in Novell NetMail before 3.52e FTF2 allow remote attackers to execute arbitrary code (1) by appending literals to certain IMAP verbs when specifying command continuation requests to IMAPD, resulting in a heap overflow; and (2) via crafted arguments to the STOR command to the Network Messaging Application Protocol (NMAP) daemon, resulting in a stack overflow.
Max CVSS
9.0
EPSS Score
89.57%
Published
2006-12-27
Updated
2018-10-17
Novell NetMail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers to conduct web-based attacks and steal cookies.
Max CVSS
6.4
EPSS Score
1.83%
Published
2005-07-09
Updated
2011-03-08
Buffer overflow in the IMAP command continuation function in Novell NetMail 3.52 before 3.52C may allow remote attackers to execute arbitrary code.
Max CVSS
7.5
EPSS Score
20.10%
Published
2005-06-08
Updated
2011-03-08
Buffer overflow in the Modweb agent for Novell NetMail 3.52 before 3.52C, when renaming folders, may allow attackers to execute arbitrary code.
Max CVSS
7.5
EPSS Score
1.65%
Published
2005-06-08
Updated
2011-03-08
Cross-site scripting (XSS) vulnerability in the ModWeb agent for Novell NetMail 3.52 before 3.52C allows remote attackers to inject arbitrary web script or HTML via calendar display fields.
Max CVSS
4.3
EPSS Score
0.24%
Published
2005-06-08
Updated
2011-03-08
6 vulnerabilities found