CVE-2007-3925

Ipswitch IMail Server 2006.x (IMAP service, imapd32.exe) contains multiple buffer overflows in the IMAP SEARCH and SEARCH CHARSET commands. The issue affects 2006.1 up to before 2006.21, enabling a remote authenticated attacker to execute arbitrary code by sending specially crafted commands. The ...

CVE-2007-4345

CVE-2007-4345 : A buffer overflow in IMail Client 9.22 (shipped with IPSwitch IMail Server 2006.22) can be triggered by a long boundary parameter in multipart MIME data. This remote vulnerability allows an attacker to execute arbitrary code on the affected system with the user’s privileges.

CVE-2017-12639

CVE-2017-12639 affects Ipswitch IMail Server up to 12.5.5, where a stack-based buffer overflow in IMailSrv allows remote code execution via unspecified vectors. The vulnerability is documented with a high-severity profile (NVD CVSS v3.0: CRITICAL; v2.0: HIGH). Exploitation could yield arbitrary c...

CVE-2005-1252

CVE-2005-1252 affects Ipswitch IMail Web Calendaring server. A directory traversal flaw in handling requests for nonexistent .jsp resources lets an unauthenticated remote attacker read arbitrary files via crafted GET requests (e.g., ..\ sequences). Affects IMail 8.13 and earlier versions up to IM...

CVE-2005-1255

CVE-2005-1255 refers to multiple stack-based buffer overflows in the IMail IMAP server (Ipswitch Collaboration Suite and related IMail Server versions). The vulnerability allows a remote attacker to cause arbitrary code execution by sending a crafted LOGIN command with an overly long username arg...

CVE-2014-3878

Ipswitch IMail Server web client interface (12.3 and 12.4, possibly before 12.4.1.15) contains multiple cross-site scripting (XSS) vulnerabilities. The flaws allow remote attackers to inject arbitrary web script or HTML via (1) the Name field when adding a new contact, (2) an Add Group action in ...

CVE-2005-1256

A stack-based buffer overflow vulnerability in Ipswitch IMail’s IMAP STATUS handling allows remote authentication-enabled attackers to execute arbitrary code. A long mailbox name in the STATUS command can overflow IMAPD32.EXE (IMail 8.13 in Ipswitch Collaboration Suite and earlier versions) and m...

CVE-2017-12638

Ipswitch IMail Server

CVE-2007-3926

CVE-2007-3926 : Ipswitch IMail Server 2006 prior to 2006.21 is vulnerable to a remote denial of service (daemon crash) via unspecified vectors related to an "overwritten destructor". The description indicates the issue affects the IMail 2006 line before release 2006.21 and can be triggered remote...

CVE-2007-3927

Ipswitch IMail Server 2006 before 2006.21 has a buffer overflow in the IMAP SUBSCRIBE handling that can allow an authenticated attacker to execute arbitrary commands on Windows (IMail service). The issue is described as a SUBSCRIBE-related buffer overflow and other unspecified vectors, with the k...

CVE-2005-2931

Ipswitch Collaboration Suite / IMail Server 8.20 (ICS) is affected by a format-string vulnerability in the SMTP server that allows remote attackers to execute arbitrary code via crafted input to the EXPN, MAIL, MAIL FROM, or RCPT TO commands. The issue stems from improper handling of format speci...

CVE-2005-2923

CVE-2005-2923 affects Ipswitch’s IMail Server IMAP service (IP: Ipswitch Collaboration Suite). The vulnerability lies in the IMAP LIST command handling: when a long LIST argument (~8000 bytes) is processed, the server can reference invalid memory, leading to a crash (DoS). This requires authentic...