CVE-2010-2580
CVE-2010-2580 · MEDIUM Severity
AV:N/AC:L/AU:N/C:N/I:N/A:P
The SMTP service (MESMTPC.exe) in MailEnable 3.x and 4.25 does not properly perform a length check, which allows remote attackers to cause a denial of service (crash) via a long (1) email address in the MAIL FROM command, or (2) domain name in the RCPT TO command, which triggers an "unhandled invalid parameter error."
Learn more about our Web Application Penetration Testing UK.