Vulnerability Details CVE-2005-1255
Multiple stack-based buffer overflows in the IMAP server in IMail 8.12 and 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allow remote attackers to execute arbitrary code via a LOGIN command with (1) a long username argument or (2) a long username argument that begins with a special character.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.063
EPSS Ranking 90.5%
CVSS Severity
CVSS v2 Score 10.0
References
- http://securitytracker.com/id?1014047
- http://www.idefense.com/application/poi/display?id=243&type=vulnerabilities
- http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html
- http://www.securityfocus.com/bid/13727
- http://securitytracker.com/id?1014047
- http://www.idefense.com/application/poi/display?id=243&type=vulnerabilities
- http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html
- http://www.securityfocus.com/bid/13727
Products affected by CVE-2005-1255
-
cpe:2.3:a:ipswitch:imail:8.12
-
cpe:2.3:a:ipswitch:imail:8.13
-
cpe:2.3:a:ipswitch:imail_server:8.2
-
cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:2.0
-
cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:2.01
-
cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:2.07
-
cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:2006
-
cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:2006.02
-
cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:2006.2
-
cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:8.15