9.3

CVE-2007-1637

EPSS 0.34%
Published 23.03.2007 22:19:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Multiple buffer overflows in the IMAILAPILib ActiveX control (IMailAPI.dll) in Ipswitch IMail Server before 2006.2 allow remote attackers to execute arbitrary code via the (1) WebConnect and (2) Connect members in the (a) IMailServer control; (3) Sync3 and (4) Init3 members in the (b) IMailLDAPService control; and the (5) SetReplyTo member in the (c) IMailUserCollection control.

Affected products Warnungen 0 Metrics 2 CWE 0 References 8

Data is provided by the National Vulnerability Database (NVD)

Ipswitch ≫ Imail Version2006

Ipswitch ≫ Imail Plus Version2006

Ipswitch ≫ Imail Premium Version2006

Ipswitch ≫ Ipswitch Collaboration Suite Version2006_standard

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.34%	0.54

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=487

http://secunia.com/advisories/24422

Vendor Advisory

http://support.ipswitch.com/kb/IM-20070305-JH01.htm

http://www.securitytracker.com/id?1017737

http://www.vupen.com/english/advisories/2007/0853

https://nvd.nist.gov/vuln/detail/CVE-2007-1637

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-1637

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-1637

EUVD