CVE-2007-1637

2007-03-2322:19:00

[email protected]

web.nvd.nist.gov

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

Low

EPSS

0.005

Percentile

76.7%

JSON

Multiple buffer overflows in the IMAILAPILib ActiveX control (IMailAPI.dll) in Ipswitch IMail Server before 2006.2 allow remote attackers to execute arbitrary code via the (1) WebConnect and (2) Connect members in the (a) IMailServer control; (3) Sync3 and (4) Init3 members in the (b) IMailLDAPService control; and the (5) SetReplyTo member in the © IMailUserCollection control.

Affected configurations

Nvd

Node

ipswitchimailMatch2006

ipswitchimail_plusMatch2006

ipswitchimail_premiumMatch2006

ipswitchipswitch_collaboration_suiteMatch2006_standard

VendorProductVersionCPE
ipswitchimail2006cpe:2.3:a:ipswitch:imail:2006:*:*:*:*:*:*:*
ipswitchimail_plus2006cpe:2.3:a:ipswitch:imail_plus:2006:*:*:*:*:*:*:*
ipswitchimail_premium2006cpe:2.3:a:ipswitch:imail_premium:2006:*:*:*:*:*:*:*
ipswitchipswitch_collaboration_suite2006_standardcpe:2.3:a:ipswitch:ipswitch_collaboration_suite:2006_standard:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ipswitch	imail	2006	cpe:2.3:a:ipswitch:imail:2006:::::::*
ipswitch	imail_plus	2006	cpe:2.3:a:ipswitch:imail_plus:2006:::::::*
ipswitch	imail_premium	2006	cpe:2.3:a:ipswitch:imail_premium:2006:::::::*
ipswitch	ipswitch_collaboration_suite	2006_standard	cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:2006_standard:::::::*