Page 3 of 18 results (0.002 seconds)

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

Ipswitch IMail 7.04 and earlier stores a user's session ID in a URL, which could allow remote attackers to hijack sessions by obtaining the URL, e.g. via an HTML email that causes the Referrer to be sent to a URL under the attacker's control. • http://archives.neohapsis.com/archives/bugtraq/2001-10/0082.html http://online.securityfocus.com/archive/1/261096 http://www.ipswitch.com/Support/IMail/news.html http://www.securityfocus.com/bid/3432 •

CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0

Ipswitch IMail 7.04 and earlier records the physical path of attachments in an e-mail message header, which could allow remote attackers to obtain potentially sensitive configuration information. • http://archives.neohapsis.com/archives/bugtraq/2001-10/0082.html http://www.ipswitch.com/Support/IMail/news.html http://www.securityfocus.com/bid/3426 •

CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0

Directory traversal vulnerability in readmail.cgi for Ipswitch IMail 7.04 and earlier allows remote attackers to access the mailboxes of other users via a .. (dot dot) in the mbx parameter. • http://archives.neohapsis.com/archives/bugtraq/2001-10/0082.html http://www.ipswitch.com/Support/IMail/news.html http://www.securityfocus.com/bid/3432 •

CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0

The webmail interface for Ipswitch IMail 7.04 and earlier allows remote authenticated users to cause a denial of service (crash) via a mailbox name that contains a large number of . (dot) or other characters to programs such as (1) readmail.cgi or (2) printmail.cgi, possibly due to a buffer overflow that may allow execution of arbitrary code. • http://archives.neohapsis.com/archives/bugtraq/2001-10/0082.html http://www.ipswitch.com/Support/IMail/news.html http://www.securityfocus.com/bid/3427 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Buffer overflow in IPSwitch IMail SMTP server 6.06 and possibly prior versions allows remote attackers to execute arbitrary code via a long From: header. • http://archives.neohapsis.com/archives/bugtraq/2001-04/0433.html http://ipswitch.com/Support/IMail/news.html http://www.osvdb.org/5610 https://exchange.xforce.ibmcloud.com/vulnerabilities/6445 •