CVE-2010-2580

CVSS V2 Medium 5 CVSS V3 None
Description
The SMTP service (MESMTPC.exe) in MailEnable 3.x and 4.25 does not properly perform a length check, which allows remote attackers to cause a denial of service (crash) via a long (1) email address in the MAIL FROM command, or (2) domain name in the RCPT TO command, which triggers an "unhandled invalid parameter error."
Overview
  • CVE ID
  • CVE-2010-2580
  • Assigner
  • PSIRT-CNA@flexerasoftware.com
  • Vulnerability Status
  • Modified
  • Published Version
  • 2010-09-15T18:00:25
  • Last Modified Date
  • 2018-10-10T19:59:47
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:mailenable:mailenable:*:-:pro:*:*:*:*:* 1 OR 4.25
cpe:2.3:a:mailenable:mailenable:4.0:-:pro:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:4.1:-:pro:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:4.01:-:pro:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:4.11:-:pro:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:4.12:-:pro:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:4.13:-:pro:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:4.14:-:pro:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:4.15:-:pro:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:4.16:-:pro:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:4.17:-:pro:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:4.22:-:pro:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:4.23:-:pro:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:4.24:-:pro:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:*:-:std:*:*:*:*:* 1 OR 4.25
cpe:2.3:a:mailenable:mailenable:4.0:-:std:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:4.01:-:std:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:4.1:-:std:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:4.13:-:std:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:4.14:-:std:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:4.16:-:std:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:4.17:-:std:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:4.22:-:std:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:4.23:-:std:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:4.24:-:std:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:*:-:enterprise:*:*:*:*:* 1 OR 4.25
cpe:2.3:a:mailenable:mailenable:4.0:-:enterprise:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:4.01:-:enterprise:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:4.1:-:enterprise:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:4.11:-:enterprise:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:4.12:-:enterprise:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:4.13:-:enterprise:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:4.14:-:enterprise:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:4.15:-:enterprise:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:4.16:-:enterprise:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:4.17:-:enterprise:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:4.22:-:enterprise:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:4.23:-:enterprise:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:4.24:-:enterprise:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.61:-:std:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.62:-:std:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.63:-:std:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.0:-:pro:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.01:-:pro:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.02:-:pro:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.03:-:pro:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.04:-:pro:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.5:-:pro:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.6:-:pro:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.10:-:pro:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.11:-:pro:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.12:-:pro:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.13:-:pro:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.14:-:pro:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.51:-:pro:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.52:-:pro:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.53:-:pro:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.61:-:pro:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.62:-:pro:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.63:-:pro:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.0:-:enterprise:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.01:-:enterprise:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.02:-:enterprise:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.03:-:enterprise:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.04:-:enterprise:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.5:-:enterprise:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.6:-:enterprise:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.10:-:enterprise:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.11:-:enterprise:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.12:-:enterprise:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.13:-:enterprise:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.14:-:enterprise:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.51:-:enterprise:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.52:-:enterprise:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.53:-:enterprise:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.61:-:enterprise:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.62:-:enterprise:*:*:*:*:* 1 OR
cpe:2.3:a:mailenable:mailenable:3.63:-:enterprise:*:*:*:*:* 1 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:N/AC:L/Au:N/C:N/I:N/A:P
  • Access Vector
  • NETWORK
  • Access Compatibility
  • LOW
  • Authentication
  • NONE
  • Confidentiality Impact
  • NONE
  • Integrity Impact
  • NONE
  • Availability Impact
  • PARTIAL
  • Base Score
  • 5
  • Severity
  • MEDIUM
  • Exploitability Score
  • 10
  • Impact Score
  • 2.9
History
Created Old Value New Value Data Type Notes
2022-05-10 18:30:39 Added to TrackCVE