Mdaemon CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (28 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2000-1021	1 Alt-n	1 Mdaemon	2025-04-03	N/A
Heap overflow in WebConfig in Mdaemon 3.1.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long URL.
CVE-2005-4209	1 Alt-n	2 Mdaemon, Worldclient	2025-04-03	N/A
WorldClient webmail in Alt-N MDaemon 8.1.3 allows remote attackers to prevent arbitrary users from accessing their inboxes via script tags in the Subject header of an e-mail message, which prevents the user from being able to access the Inbox folder, possibly due to a cross-site scripting (XSS) vulnerability.
CVE-2000-0399	1 Alt-n	1 Mdaemon	2025-04-03	N/A
Buffer overflow in MDaemon POP server allows remote attackers to cause a denial of service via a long user name.
CVE-2005-4266	1 Alt-n	2 Mdaemon, Worldclient	2025-04-03	N/A
WorldClient.dll in Alt-N MDaemon and WorldClient 8.1.3 trusts a Session parameter that contains a randomly generated session ID that is associated with a username, which allows remote attackers to perform actions as other users by guessing or sniffing the random value.
CVE-2000-0501	1 Alt-n	1 Mdaemon	2025-04-03	N/A
Race condition in MDaemon 2.8.5.0 POP server allows local users to cause a denial of service by entering a UIDL command and quickly exiting the server.
CVE-2000-0716	1 Alt-n	1 Mdaemon	2025-04-03	N/A
WorldClient email client in MDaemon 2.8 includes the session ID in the referer field of an HTTP request when the user clicks on a URL, which allows the visited web site to hijack the session ID and read the user's email.
CVE-2000-1020	1 Alt-n	1 Mdaemon	2025-04-03	N/A
Heap overflow in Worldclient in Mdaemon 3.1.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long URL.
CVE-2001-0064	1 Alt-n	1 Mdaemon	2025-04-03	N/A
Webconfig, IMAP, and other services in MDaemon 3.5.0 and earlier allows remote attackers to cause a denial of service via a long URL terminated by a "\r\n" string.

« first previous Page 2 of 2.