Directory traversal vulnerability in the IMAP service (meimaps.exe) of MailEnable Professional 1.6 and earlier and Enterprise 1.1 and earlier allows remote attackers to create or rename arbitrary mail directories via the mailbox name argument of the (1) create or (2) rename commands.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Mailenable_enterprise | Mailenable | 1.00 (including) | 1.00 (including) |
Mailenable_enterprise | Mailenable | 1.1 (including) | 1.1 (including) |
Mailenable_enterprise | Mailenable | 1.01 (including) | 1.01 (including) |
Mailenable_enterprise | Mailenable | 1.02 (including) | 1.02 (including) |
Mailenable_enterprise | Mailenable | 1.03 (including) | 1.03 (including) |
Mailenable_enterprise | Mailenable | 1.04 (including) | 1.04 (including) |
Mailenable_professional | Mailenable | * | 1.6 (including) |