CVE-2010-2580

The SMTP service (MESMTPC.exe) in MailEnable 3.x and 4.25 does not properly perform a length check, which allows remote attackers to cause a denial of service (crash) via a long (1) email address in the MAIL FROM command, or (2) domain name in the RCPT TO command, which triggers an "unhandled invalid parameter error."
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
flexeraCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 83%
VendorProductVersion
mailenablemailenable
𝑥
≤ 4.25
mailenablemailenable
4.0
mailenablemailenable
4.1
mailenablemailenable
4.01
mailenablemailenable
4.11
mailenablemailenable
4.12
mailenablemailenable
4.13
mailenablemailenable
4.14
mailenablemailenable
4.15
mailenablemailenable
4.16
mailenablemailenable
4.17
mailenablemailenable
4.22
mailenablemailenable
4.23
mailenablemailenable
4.24
mailenablemailenable
𝑥
≤ 4.25
mailenablemailenable
4.0
mailenablemailenable
4.01
mailenablemailenable
4.1
mailenablemailenable
4.13
mailenablemailenable
4.14
mailenablemailenable
4.16
mailenablemailenable
4.17
mailenablemailenable
4.22
mailenablemailenable
4.23
mailenablemailenable
4.24
mailenablemailenable
𝑥
≤ 4.25
mailenablemailenable
4.0
mailenablemailenable
4.01
mailenablemailenable
4.1
mailenablemailenable
4.11
mailenablemailenable
4.12
mailenablemailenable
4.13
mailenablemailenable
4.14
mailenablemailenable
4.15
mailenablemailenable
4.16
mailenablemailenable
4.17
mailenablemailenable
4.22
mailenablemailenable
4.23
mailenablemailenable
4.24
mailenablemailenable
3.61
mailenablemailenable
3.62
mailenablemailenable
3.63
mailenablemailenable
3.0
mailenablemailenable
3.01
mailenablemailenable
3.02
mailenablemailenable
3.03
mailenablemailenable
3.04
mailenablemailenable
3.5
mailenablemailenable
3.6
mailenablemailenable
3.10
mailenablemailenable
3.11
mailenablemailenable
3.12
mailenablemailenable
3.13
mailenablemailenable
3.14
mailenablemailenable
3.51
mailenablemailenable
3.52
mailenablemailenable
3.53
mailenablemailenable
3.61
mailenablemailenable
3.62
mailenablemailenable
3.63
mailenablemailenable
3.0
mailenablemailenable
3.01
mailenablemailenable
3.02
mailenablemailenable
3.03
mailenablemailenable
3.04
mailenablemailenable
3.5
mailenablemailenable
3.6
mailenablemailenable
3.10
mailenablemailenable
3.11
mailenablemailenable
3.12
mailenablemailenable
3.13
mailenablemailenable
3.14
mailenablemailenable
3.51
mailenablemailenable
3.52
mailenablemailenable
3.53
mailenablemailenable
3.61
mailenablemailenable
3.62
mailenablemailenable
3.63
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/41175
http://secunia.com/secunia_research/2010-112/
http://www.mailenable.com/Enterprise-ReleaseNotes.txt
http://www.mailenable.com/Professional-ReleaseNotes.txt
http://www.mailenable.com/Standard-ReleaseNotes.txt
http://www.mailenable.com/hotfix/
http://www.securityfocus.com/archive/1/513648/100/0/threaded
http://www.securityfocus.com/bid/43182
http://www.securitytracker.com/id?1024427
http://secunia.com/advisories/41175
http://secunia.com/secunia_research/2010-112/
http://www.mailenable.com/Enterprise-ReleaseNotes.txt
http://www.mailenable.com/Professional-ReleaseNotes.txt
http://www.mailenable.com/Standard-ReleaseNotes.txt
http://www.mailenable.com/hotfix/
http://www.securityfocus.com/archive/1/513648/100/0/threaded
http://www.securityfocus.com/bid/43182
http://www.securitytracker.com/id?1024427