Page 2 of 10 results (0.018 seconds)

CVSS: 4.0EPSS: 18%CPEs: 3EXPL: 0

The IMAP server in IMail Server 8.20 in Ipswitch Collaboration Suite (ICS) before 2.02 allows remote attackers to cause a denial of service (crash) via a long argument to the LIST command, which causes IMail Server to reference invalid memory. • http://secunia.com/advisories/17863 http://securitytracker.com/id?1015318 http://www.idefense.com/application/poi/display?id=347&type=vulnerabilities http://www.securityfocus.com/bid/15753 http://www.vupen.com/english/advisories/2005/2782 • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 57%CPEs: 3EXPL: 0

Format string vulnerability in the SMTP service in IMail Server 8.20 in Ipswitch Collaboration Suite (ICS) before 2.02 allows remote attackers to execute arbitrary code via format string specifiers to the (1) EXPN, (2) MAIL, (3) MAIL FROM, and (4) RCPT TO commands. • http://secunia.com/advisories/17863 http://securitytracker.com/id?1015317 http://www.idefense.com/application/poi/display?id=346&type=vulnerabilities http://www.ipswitch.com/support/imail/releases/imail_professional/im822.asp http://www.securityfocus.com/bid/15752 http://www.vupen.com/english/advisories/2005/2782 •

CVSS: 10.0EPSS: 76%CPEs: 3EXPL: 0

Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to execute arbitrary code via a STATUS command with a long mailbox name. • http://securitytracker.com/id?1014047 http://www.idefense.com/application/poi/display?id=244&type=vulnerabilities http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html http://www.securityfocus.com/bid/13727 •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0

Directory traversal vulnerability in the Web Calendaring server in Ipswitch Imail 8.13, and other versions before IMail Server 8.2 Hotfix 2, allows remote attackers to read arbitrary files via "..\" (dot dot backslash) sequences in the query string argument in a GET request to a non-existent .jsp file. • http://securitytracker.com/id?1014047 http://www.idefense.com/application/poi/display?id=242&type=vulnerabilities http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html http://www.securityfocus.com/bid/13727 •

CVSS: 10.0EPSS: 24%CPEs: 4EXPL: 3

Multiple stack-based buffer overflows in the IMAP server in IMail 8.12 and 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allow remote attackers to execute arbitrary code via a LOGIN command with (1) a long username argument or (2) a long username argument that begins with a special character. • https://www.exploit-db.com/exploits/1124 https://www.exploit-db.com/exploits/3627 https://www.exploit-db.com/exploits/1035 http://securitytracker.com/id?1014047 http://www.idefense.com/application/poi/display?id=243&type=vulnerabilities http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html http://www.securityfocus.com/bid/13727 •