IMAP service (meimaps.exe) of MailEnable Professional 1.7 and Enterprise 1.1 allows remote authenticated attackers to cause a denial of service (application crash) by using RENAME with a non-existent mailbox, a different vulnerability than CVE-2005-3690.

Stack-based buffer overflow in the IMAP service (meimaps.exe) of MailEnable Professional 1.6 and earlier and Enterprise 1.1 and earlier allows remote attackers to execute arbitrary code via a long mailbox name in the (1) select, (2) create, (3) delete, (4) rename, (5) subscribe, or (6) unsubscribe commands.

Buffer overflow in the W3C logging for MailEnable Enterprise 1.1 and Professional 1.6 allows remote attackers to execute arbitrary code.

Unknown vulnerability in SMTP authentication for MailEnable allows remote attackers to cause a denial of service (crash).

Buffer overflow in the IMAP service for MailEnable Enterprise 1.04 and earlier and Professional 1.54 allows remote attackers to execute arbitrary code via a long AUTHENTICATE command.

Buffer overflow in HTTPMail in MailEnable Enterprise 1.04 and earlier and Professional 1.54 and earlier allows remote attackers to execute arbitrary code via a long HTTP Authorization header.

The SMTP service in MailEnable Enterprise 1.04 and earlier and Professional 1.54 and earlier allows remote attackers to cause a denial of service (server crash) via an EHLO command with a Unicode string.

MailEnable Professional Edition before 1.53 and Enterprise Edition before 1.02 allows remote attackers to cause a denial of service (crash) via malformed (1) SMTP or (2) IMAP commands.

Buffer overflow in the IMAP service of MailEnable Professional Edition 1.52 and Enterprise Edition 1.01 allows remote attackers to execute arbitrary code via (1) a long command string or (2) a long string to the MEIMAP service and then terminating the connection.