Ipswitch: >> Instant Messaging >> 2.0 Security Vulnerabilities
Format string vulnerability in the logging function in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in an IP address field.
CVSS Score
3.5
EPSS Score
0.012
Published
2008-02-25
Directory traversal vulnerability in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to create arbitrary empty files via a .. (dot dot) in the recipient field.
CVSS Score
4.9
EPSS Score
0.001
Published
2008-02-25