CVEブラウザに戻る

CVE-2003-0487

HIGH

7.5

CVSS Severity Score

EPSS Score0.0780%

EPSS Percentile29.80th

Published2003年8月7日

Last Modified2026年4月16日

Vulnerability Description

Multiple buffer overflows in Kerio MailServer 5.6.3 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via (1) a long showuser parameter in the do_subscribe module, (2) a long folder parameter in the add_acl module, (3) a long folder parameter in the list module, and (4) a long user parameter in the do_map module.

Affected Platforms (CPE)

📦

Kerio

Kerio Mailserver

= 5.6.3

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=105596982503760&w=2

🔗 http://nautopia.org/vulnerabilidades/kerio_mailserver.htm

🔗 http://www.securityfocus.com/bid/7967

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/12368

🔗 http://marc.info/?l=bugtraq&m=105596982503760&w=2

🔗 http://nautopia.org/vulnerabilidades/kerio_mailserver.htm

🔗 http://www.securityfocus.com/bid/7967

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/12368

関連する脆弱性情報

CVE-2007-399310.0

Unspecified vulnerability in the attachment filter in Kerio MailServer before 6.4.1 has unknown impact and remote attack vectors.

CVE-2008-086010.0

Unspecified vulnerability in the AVG plugin in Kerio MailServer before 6.5.0 has unspecified impact via unknown remote attack vect...

CVE-2004-244110.0

Unspecified vulnerability in Kerio MailServer before 6.0.3 has unknown impact and unknown remote attack vectors, related to a "pot...

CVE-2006-11587.8

Kerio MailServer before 6.1.3 Patch 1 allows remote attackers to cause a denial of service (application crash) via a crafted IMAP ...