CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2007-1637

Multiple buffer overflows in the IMAILAPILib ActiveX control (IMailAPI.dll) in Ipswitch IMail Server before 2006.2 allow remote attackers to execute arbitrary code via the (1) WebConnect and (2) Connect members in the (a) IMailServer control; (3) Sync3 and (4) Init3 members in the (b) IMailLDAPService control; and the (5) SetReplyTo member in the (c) IMailUserCollection control.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 56.4%

CVSS Severity

CVSS v2 Score 9.3

References

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=487
http://secunia.com/advisories/24422
http://support.ipswitch.com/kb/IM-20070305-JH01.htm
http://www.securitytracker.com/id?1017737
http://www.vupen.com/english/advisories/2007/0853
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=487
http://secunia.com/advisories/24422
http://support.ipswitch.com/kb/IM-20070305-JH01.htm
http://www.securitytracker.com/id?1017737
http://www.vupen.com/english/advisories/2007/0853

Products affected by CVE-2007-1637

Ipswitch » Imail » Version: 2006

cpe:2.3:a:ipswitch:imail:2006
Ipswitch » Imail Plus » Version: 2006

cpe:2.3:a:ipswitch:imail_plus:2006
Ipswitch » Imail Premium » Version: 2006

cpe:2.3:a:ipswitch:imail_premium:2006
Ipswitch » Ipswitch Collaboration Suite » Version: 2006_standard

cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:2006_standard

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-1637

Products

Pricing

Contact Us