Imail@2006 Security Vulnerabilities and Issues — Imail@2006 CVE List

Lucene search

IpswitchImail2006

4 matches found

CVE•added 2011/03/16 10:55 p.m.•77 views

CVE-2011-1430

The STARTTLS implementation in the server in Ipswitch IMail 11.03 and earlier does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plai...

6.8CVSS6.7AI score0.6945EPSS

CVE•added 2007/03/23 10:19 p.m.•53 views

CVE-2007-1637

Multiple buffer overflows in the IMAILAPILib ActiveX control (IMailAPI.dll) in Ipswitch IMail Server before 2006.2 allow remote attackers to execute arbitrary code via the (1) WebConnect and (2) Connect members in the (a) IMailServer control; (3) Sync3 and (4) Init3 members in the (b) IMailLDAPServ...

9.3CVSS7.8AI score0.00344EPSS

CVE•added 2005/07/06 4:0 a.m.•46 views

CVE-2005-2160

IMail stores usernames and passwords in cleartext in a cookie, which allows remote attackers to obtain sensitive information.

7.5CVSS6.8AI score0.01005EPSS

CVE•added 2000/02/04 5:0 a.m.•33 views

CVE-2000-0019

IMail POP3 daemon uses weak encryption, which allows local users to read files.

2.1CVSS6.6AI score0.00023EPSS