Every CVE whose affected-product data names Alt-n Mdaemon, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (28)
CVE-2006-5709 — CVSS 10.0 (critical): Unspecified vulnerability in WorldClient in Alt-N Technologies MDaemon before 9.50 has unknown impact and attack vectors related to a…
CVE-2003-1470 — CVSS 9.0 (critical): Buffer overflow in IMAP service in MDaemon 6.7.5 and earlier allows remote authenticated users to cause a denial of service (crash) and…
CVE-2005-4266 — CVSS 7.5 (high): WorldClient.dll in Alt-N MDaemon and WorldClient 8.1.3 trusts a Session parameter that contains a randomly generated session ID that is…
CVE-2003-1200 — CVSS 7.5 (high): Stack-based buffer overflow in FORM2RAW.exe in Alt-N MDaemon 6.5.2 through 6.8.5 allows remote attackers to execute arbitrary code via a…
CVE-2006-2646 — CVSS 7.5 (high): Buffer overflow in Alt-N MDaemon, possibly 9.0.1 and earlier, allows remote attackers to execute arbitrary code via a long A0001 argument…
CVE-2000-1020 — CVSS 7.5 (high): Heap overflow in Worldclient in Mdaemon 3.1.1 and earlier allows remote attackers to cause a denial of service and possibly execute…
CVE-2000-1021 — CVSS 7.5 (high): Heap overflow in WebConfig in Mdaemon 3.1.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary…
CVE-2006-5708 — CVSS 7.5 (high): Multiple unspecified vulnerabilities in MDaemon and WorldClient in Alt-N Technologies MDaemon before 9.50 allow attackers to cause a denial…
CVE-2001-0104 — CVSS 7.2 (high): MDaemon Pro 3.5.1 and earlier allows local users to bypass the "lock server" security setting by pressing the Cancel button at the password…
CVE-2004-2504 — CVSS 7.2 (high): The GUI in Alt-N Technologies MDaemon 7.2 and earlier, including 6.8, executes child processes such as NOTEPAD.EXE with SYSTEM privileges…
CVE-2003-1471 — CVSS 6.3 (medium): MDaemon POP server 6.0.7 and earlier allows remote authenticated users to cause a denial of service (crash) via a (1) DELE or (2) UIDL with…
CVE-2008-6967 — CVSS 5.0 (medium): Multiple unspecified vulnerabilities in WorldClient in Alt-N MDaemon before 10.02 have unknown impact and attack vectors, probably related…
CVE-2001-0064 — CVSS 5.0 (medium): Webconfig, IMAP, and other services in MDaemon 3.5.0 and earlier allows remote attackers to cause a denial of service via a long URL…
CVE-2001-0583 — CVSS 5.0 (medium): Alt-N Technologies MDaemon 3.5.4 allows a remote attacker to create a denial of service via the URL request of a MS-DOS device (such as GET…
CVE-2002-1539 — CVSS 5.0 (medium): Buffer overflow in MDaemon POP server 6.0.7 and earlier allows remote authenticated users to cause a denial of service via long (1) DELE or…
CVE-2002-1738 — CVSS 5.0 (medium): Alt-N Technologies MDaemon 5.0.5.0 and earlier creates a default MDaemon mail account with a password of MServer, which could allow remote…
CVE-2004-1546 — CVSS 5.0 (medium): Multiple buffer overflows in MDaemon 6.5.1 allow remote attackers to cause a denial of service (application crash) via a long (1) SAML…
CVE-2004-2292 — CVSS 5.0 (medium): Buffer overflow in Alt-N MDaemon 7.0.1 allows remote attackers to cause a denial of service (application crash) via a long STATUS command…
CVE-2006-0925 — CVSS 5.0 (medium): Format string vulnerability in the IMAP4rev1 server in Alt-N MDaemon 8.1.1 and possibly 8.1.4 allows remote attackers to cause a denial of…
CVE-2006-4364 — CVSS 5.0 (medium): Multiple heap-based buffer overflows in the POP3 server in Alt-N Technologies MDaemon before 9.0.6 allow remote attackers to cause a denial…
CVE-2000-0399 — CVSS 5.0 (medium): Buffer overflow in MDaemon POP server allows remote attackers to cause a denial of service via a long user name.
CVE-2006-5968 — CVSS 4.6 (medium): MDaemon 9.0.5, 9.0.6, 9.51, and 9.53, and possibly other versions, installs the MDaemon application folder with insecure permissions (Users…
CVE-2005-4209 — CVSS 4.3 (medium): WorldClient webmail in Alt-N MDaemon 8.1.3 allows remote attackers to prevent arbitrary users from accessing their inboxes via script tags…
CVE-2000-0716 — CVSS 2.6 (low): WorldClient email client in MDaemon 2.8 includes the session ID in the referer field of an HTTP request when the user clicks on a URL…
CVE-2000-0501 — CVSS 2.6 (low): Race condition in MDaemon 2.8.5.0 POP server allows local users to cause a denial of service by entering a UIDL command and quickly exiting…
CVE-2007-3622 — CVSS 2.6 (low): Unspecified vulnerability in DomainPOP in Alt-N Technologies MDaemon before 9.61 allows remote attackers to cause a denial of service…
CVE-2002-1740 — CVSS 2.1 (low): Buffer overflow in WorldClient.cgi in WorldClient in Alt-N Technologies MDaemon 5.0.5.0 and earlier allows local users to execute arbitrary…
CVE-2001-0584 — CVSS 2.1 (low): IMAP server in Alt-N Technologies MDaemon 3.5.6 allows a local user to cause a denial of service (hang) via long (1) SELECT or (2) EXAMINE…