Ipswitch

Imail Server

12 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2017-12638

  • EPSS 0.19%
  • Veröffentlicht 03.10.2017 01:29:01
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Stack based buffer overflow in Ipswitch IMail server up to and including 12.5.5 allows remote attackers to execute arbitrary code via unspecified vectors in IMmailSrv, aka ETBL or ETCETERABLUE.

9.8

CVE-2017-12639

  • EPSS 0.19%
  • Veröffentlicht 03.10.2017 01:29:01
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Stack based buffer overflow in Ipswitch IMail server up to and including 12.5.5 allows remote attackers to execute arbitrary code via unspecified vectors in IMmailSrv, aka ETRE or ETCTERARED.

4.3

CVE-2014-3878

Exploit
  • EPSS 0.36%
  • Veröffentlicht 05.06.2014 17:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple cross-site scripting (XSS) vulnerabilities in the web client interface in Ipswitch IMail Server 12.3 and 12.4, possibly before 12.4.1.15, allow remote attackers to inject arbitrary web script or HTML via (1) the Name field in an add new cont...

7.5

CVE-2007-4345

  • EPSS 0.22%
  • Veröffentlicht 31.10.2007 17:46:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Buffer overflow in IMail Client 9.22, as shipped with IPSwitch IMail Server 2006.22, allows remote attackers to execute arbitrary code via a long boundary parameter in a multipart MIME e-mail message.

6.5

CVE-2007-3925

  • EPSS 90.44%
  • Veröffentlicht 21.07.2007 00:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple buffer overflows in the IMAP service (imapd32.exe) in Ipswitch IMail Server 2006 before 2006.21 allow remote authenticated users to execute arbitrary code via the (1) Search or (2) Search Charset command.

7.8

CVE-2007-3926

  • EPSS 0.29%
  • Veröffentlicht 21.07.2007 00:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Ipswitch IMail Server 2006 before 2006.21 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors involving an "overwritten destructor."

10

CVE-2007-3927

  • EPSS 72.67%
  • Veröffentlicht 21.07.2007 00:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple buffer overflows in Ipswitch IMail Server 2006 before 2006.21 (1) allow remote attackers to execute arbitrary code via unspecified vectors in Imailsec and (2) allow attackers to have an unknown impact via an unspecified vector related to "su...

4

CVE-2005-2923

  • EPSS 5.25%
  • Veröffentlicht 07.12.2005 01:03:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The IMAP server in IMail Server 8.20 in Ipswitch Collaboration Suite (ICS) before 2.02 allows remote attackers to cause a denial of service (crash) via a long argument to the LIST command, which causes IMail Server to reference invalid memory.

7.5

CVE-2005-2931

  • EPSS 14.47%
  • Veröffentlicht 07.12.2005 01:03:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Format string vulnerability in the SMTP service in IMail Server 8.20 in Ipswitch Collaboration Suite (ICS) before 2.02 allows remote attackers to execute arbitrary code via format string specifiers to the (1) EXPN, (2) MAIL, (3) MAIL FROM, and (4) RC...

5

CVE-2005-1252

  • EPSS 0.33%
  • Veröffentlicht 25.05.2005 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Directory traversal vulnerability in the Web Calendaring server in Ipswitch Imail 8.13, and other versions before IMail Server 8.2 Hotfix 2, allows remote attackers to read arbitrary files via "..\" (dot dot backslash) sequences in the query string a...