製品・ソフトウェアに関する情報

JVN脆弱性詳細

MailEnable の IMAP モジュールにおけるスタックベースバッファオーバーフローの脆弱性

Title	MailEnable の IMAP モジュールにおけるスタックベースバッファオーバーフローの脆弱性
Summary	MailEnable Professional および MailEnable Enterprise の IMAP モジュール (MEIMAPS.EXE) には、スタックベースバッファオーバーフローの脆弱性が存在します。
Possible impacts	リモート認証されたユーザにより、(1) EXAMINE または (2) SELECT コマンドへの過度に長い引数を介して、サービスの運用妨害 (クラッシュ) 状態にされる、または任意のコードを実行される可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	Dec. 5, 2006, midnight
Registration Date	Sept. 25, 2012, 3:36 p.m.
Last Update	Sept. 25, 2012, 3:36 p.m.

CVSS2.0 : 警告
Score	6.5
Vector	AV:N/AC:L/Au:S/C:P/I:P/A:P

Affected System

MailEnable

MailEnable Enterprise 1.1 から 1.30、および 2.0 から 2.33

mailenable professional 1.6 から 1.82、および 2.0 から 2.33

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2006-6290	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6290
National Vulnerability Database (NVD)
2	CVE-2006-6290	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-6290

ベンダー情報

No	Name	URL
MailEnable
1	Hot Fixes	http://www.mailenable.com/hotfix/

Change Log

No	Changed Details	Date of change
0	[2012年09月25日] 掲載	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2006-6290

Summary	Multiple stack-based buffer overflows in the IMAP module (MEIMAPS.EXE) in MailEnable Professional 1.6 through 1.82 and 2.0 through 2.33, and MailEnable Enterprise 1.1 through 1.30 and 2.0 through 2.33 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a long argument to the (1) EXAMINE or (2) SELECT command.
Summary	Múltiples desbordamientos de búfer basados en pila en el módulo IMAP (MEIMAPS.EXE) de MailEnable Professional 1.6 hasta 1.82 y 2.0 hasta 2.33, y MailEnable Enterprise 1.1 hasta 1.30 y 2.0 hasta 2.33 permite a usuarios remotos autenticados provocar una denegación de servicio (caída) o posiblemente ejecutar código de su elección mediante un argumento largo a los comandos (1) EXAMINE o (2) SELECT.
Publication Date	Dec. 5, 2006, 8:28 p.m.
Registration Date	Jan. 29, 2021, 3:51 p.m.
Last Update	April 23, 2026, 9:35 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:mailenable:mailenable_enterprise:1.1:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.2:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.11:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.12:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.13:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.14:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.15:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.16:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.17:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.18:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.19:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.21:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.22:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.23:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.24:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.25:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.26:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.27:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.28:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.29:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.30:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.0:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.1:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.01:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.2:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.03:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.04:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.05:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.06:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.07:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.08:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.09:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.11:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.12:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.13:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.14:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.15:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.16:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.17:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.18:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.19:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.21:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.22:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.23:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.24:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.25:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.26:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.27:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.28:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.29:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.30:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.31:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.32:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.33:::::::*
cpe:2.3:a:mailenable:mailenable_professional:1.6:::::::*
cpe:2.3:a:mailenable:mailenable_professional:1.82:::::::*
cpe:2.3:a:mailenable:mailenable_professional:2.0:::::::*
cpe:2.3:a:mailenable:mailenable_professional:2.33:::::::*

Related information, measures and tools

No	URL	refsource
1	http://secunia.com/advisories/23047	cve@mitre.org
2	http://secunia.com/advisories/23080	cve@mitre.org
3	http://secunia.com/secunia_research/2006-71/advisory/	cve@mitre.org
4	http://securitytracker.com/id?1017276	cve@mitre.org
5	http://securitytracker.com/id?1017319	cve@mitre.org
6	http://www.mailenable.com/hotfix/	cve@mitre.org
7	http://www.securityfocus.com/archive/1/453118/100/100/threaded	cve@mitre.org
8	http://www.securityfocus.com/bid/21362	cve@mitre.org
9	http://www.vupen.com/english/advisories/2006/4673	cve@mitre.org
10	http://www.vupen.com/english/advisories/2006/4778	cve@mitre.org
11	https://exchange.xforce.ibmcloud.com/vulnerabilities/30614	cve@mitre.org
12	http://secunia.com/advisories/23047	af854a3a-2127-422b-91ae-364da2661108
13	http://secunia.com/advisories/23080	af854a3a-2127-422b-91ae-364da2661108
14	http://secunia.com/secunia_research/2006-71/advisory/	af854a3a-2127-422b-91ae-364da2661108
15	http://securitytracker.com/id?1017276	af854a3a-2127-422b-91ae-364da2661108
16	http://securitytracker.com/id?1017319	af854a3a-2127-422b-91ae-364da2661108
17	http://www.mailenable.com/hotfix/	af854a3a-2127-422b-91ae-364da2661108
18	http://www.securityfocus.com/archive/1/453118/100/100/threaded	af854a3a-2127-422b-91ae-364da2661108
19	http://www.securityfocus.com/bid/21362	af854a3a-2127-422b-91ae-364da2661108
20	http://www.vupen.com/english/advisories/2006/4673	af854a3a-2127-422b-91ae-364da2661108
21	http://www.vupen.com/english/advisories/2006/4778	af854a3a-2127-422b-91ae-364da2661108
22	https://exchange.xforce.ibmcloud.com/vulnerabilities/30614	af854a3a-2127-422b-91ae-364da2661108

Common Vulnerabilities List

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:mailenable:mailenable_enterprise:1.1:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.2:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.11:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.12:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.13:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.14:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.15:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.16:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.17:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.18:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.19:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.21:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.22:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.23:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.24:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.25:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.26:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.27:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.28:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.29:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:1.30:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.0:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.1:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.01:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.2:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.03:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.04:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.05:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.06:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.07:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.08:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.09:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.11:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.12:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.13:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.14:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.15:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.16:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.17:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.18:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.19:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.21:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.22:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.23:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.24:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.25:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.26:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.27:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.28:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.29:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.30:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.31:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.32:::::::*
cpe:2.3:a:mailenable:mailenable_enterprise:2.33:::::::*
cpe:2.3:a:mailenable:mailenable_professional:1.6:::::::*
cpe:2.3:a:mailenable:mailenable_professional:1.82:::::::*
cpe:2.3:a:mailenable:mailenable_professional:2.0:::::::*
cpe:2.3:a:mailenable:mailenable_professional:2.33:::::::*