CVE-2004-2727 - OpenCVE

Buffer overflow in MEHTTPS (HTTPMail) of MailEnable Professional 1.5 through 1.7 allows remote attackers to cause a denial of service (application crash) via a long HTTP GET request.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:M/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Mailenable	Mailenable

Configuration 1 [-]

OR	cpe:2.3:a:mailenable:mailenable:1.5:::::::*
	cpe:2.3:a:mailenable:mailenable:1.6:::::::*
	cpe:2.3:a:mailenable:mailenable:1.7:::::::*

No data.

References

Link	Providers
http://secunia.com/advisories/11588
http://securitytracker.com/id?1010107
http://www.hat-squad.com/en/000071.html
http://www.osvdb.org/6037
http://www.osvdb.org/6038
http://www.securityfocus.com/bid/10312
http://www.vupen.com/english/advisories/2005/0383
https://exchange.xforce.ibmcloud.com/vulnerabilities/16114
https://exchange.xforce.ibmcloud.com/vulnerabilities/16115

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-10-09T10:00:00

Updated: 2024-08-08T01:36:25.304Z

Reserved: 2007-10-08T00:00:00

Link: CVE-2004-2727

Vulnrichment

No data.

NVD

Status : Modified

Published: 2004-12-31T05:00:00.000

Modified: 2017-07-29T01:29:17.967

Link: CVE-2004-2727

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2004-05-09T00:00:00", "descriptions": [{"lang": "en", "value": "Buffer overflow in MEHTTPS (HTTPMail) of MailEnable Professional 1.5 through 1.7 allows remote attackers to cause a denial of service (application crash) via a long HTTP GET request."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "6037", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/6037"}, {"name": "mailenable-disabled-mehttps-bo(16115)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16115"}, {"name": "ADV-2005-0383", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2005/0383"}, {"name": "6038", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/6038"}, {"name": "11588", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/11588"}, {"name": "mailenable-enabled-mehttps-dos(16114)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16114"}, {"tags": ["x_refsource_MISC"], "url": "http://www.hat-squad.com/en/000071.html"}, {"name": "1010107", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1010107"}, {"name": "10312", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/10312"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-2727", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer overflow in MEHTTPS (HTTPMail) of MailEnable Professional 1.5 through 1.7 allows remote attackers to cause a denial of service (application crash) via a long HTTP GET request."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "6037", "refsource": "OSVDB", "url": "http://www.osvdb.org/6037"}, {"name": "mailenable-disabled-mehttps-bo(16115)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16115"}, {"name": "ADV-2005-0383", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2005/0383"}, {"name": "6038", "refsource": "OSVDB", "url": "http://www.osvdb.org/6038"}, {"name": "11588", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11588"}, {"name": "mailenable-enabled-mehttps-dos(16114)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16114"}, {"name": "http://www.hat-squad.com/en/000071.html", "refsource": "MISC", "url": "http://www.hat-squad.com/en/000071.html"}, {"name": "1010107", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1010107"}, {"name": "10312", "refsource": "BID", "url": "http://www.securityfocus.com/bid/10312"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T01:36:25.304Z"}, "title": "CVE Program Container", "references": [{"name": "6037", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/6037"}, {"name": "mailenable-disabled-mehttps-bo(16115)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16115"}, {"name": "ADV-2005-0383", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2005/0383"}, {"name": "6038", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/6038"}, {"name": "11588", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/11588"}, {"name": "mailenable-enabled-mehttps-dos(16114)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16114"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.hat-squad.com/en/000071.html"}, {"name": "1010107", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1010107"}, {"name": "10312", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/10312"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-2727", "datePublished": "2007-10-09T10:00:00", "dateReserved": "2007-10-08T00:00:00", "dateUpdated": "2024-08-08T01:36:25.304Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mailenable:mailenable:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "1B1C4F6E-5D9B-4EFA-BA05-E3B774333216", "vulnerable": true}, {"criteria": "cpe:2.3:a:mailenable:mailenable:1.6:*:*:*:*:*:*:*", "matchCriteriaId": "76971583-B261-4101-AF38-D87477818806", "vulnerable": true}, {"criteria": "cpe:2.3:a:mailenable:mailenable:1.7:*:*:*:*:*:*:*", "matchCriteriaId": "71997CBD-EAA2-4BB8-955C-D9EB5C3134B8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Buffer overflow in MEHTTPS (HTTPMail) of MailEnable Professional 1.5 through 1.7 allows remote attackers to cause a denial of service (application crash) via a long HTTP GET request."}], "id": "CVE-2004-2727", "lastModified": "2017-07-29T01:29:17.967", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2004-12-31T05:00:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/11588"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1010107"}, {"source": "cve@mitre.org", "url": "http://www.hat-squad.com/en/000071.html"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/6037"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/6038"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Patch"], "url": "http://www.securityfocus.com/bid/10312"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2005/0383"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16114"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16115"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}