1. CVE-Search
  2. CVE-2007-3927
ID CVE-2007-3927
Summary Multiple buffer overflows in Ipswitch IMail Server 2006 before 2006.21 (1) allow remote attackers to execute arbitrary code via unspecified vectors in Imailsec and (2) allow attackers to have an unknown impact via an unspecified vector related to "subscribe."
References
Vulnerable Configurations
  • cpe:2.3:a:ipswitch:imail_server:8.2:hotfix2:*:*:*:*:*:*
    cpe:2.3:a:ipswitch:imail_server:8.2:hotfix2:*:*:*:*:*:*
  • cpe:2.3:a:ipswitch:imail_server:8.20:*:*:*:*:*:*:*
    cpe:2.3:a:ipswitch:imail_server:8.20:*:*:*:*:*:*:*
  • cpe:2.3:a:ipswitch:imail_server:12.3:*:*:*:*:*:*:*
    cpe:2.3:a:ipswitch:imail_server:12.3:*:*:*:*:*:*:*
  • cpe:2.3:a:ipswitch:imail_server:12.4:*:*:*:*:*:*:*
    cpe:2.3:a:ipswitch:imail_server:12.4:*:*:*:*:*:*:*
  • cpe:2.3:a:ipswitch:imail_server:12.4.1.15:*:*:*:*:*:*:*
    cpe:2.3:a:ipswitch:imail_server:12.4.1.15:*:*:*:*:*:*:*
  • cpe:2.3:a:ipswitch:imail_server:12.5.5:*:*:*:*:*:*:*
    cpe:2.3:a:ipswitch:imail_server:12.5.5:*:*:*:*:*:*:*
  • cpe:2.3:a:ipswitch:imail_server:2006.2:*:*:*:*:*:*:*
    cpe:2.3:a:ipswitch:imail_server:2006.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:2.01:*:*:*:*:*:*:*
    cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:2.01:*:*:*:*:*:*:*
  • cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:2.07:*:*:*:*:*:*:*
    cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:2.07:*:*:*:*:*:*:*
  • cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:8.15:*:*:*:*:*:*:*
    cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:8.15:*:*:*:*:*:*:*
  • cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:2006:-:premium:*:*:*:*:*
    cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:2006:-:premium:*:*:*:*:*
  • cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:2006:-:standard:*:*:*:*:*
    cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:2006:-:standard:*:*:*:*:*
  • cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:2006.02:-:premium:*:*:*:*:*
    cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:2006.02:-:premium:*:*:*:*:*
  • cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:2006.02:-:standard:*:*:*:*:*
    cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:2006.02:-:standard:*:*:*:*:*
  • cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:2006.2:*:*:*:*:*:*:*
    cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:2006.2:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 29-07-2017 - 01:32)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 24962
confirm http://docs.ipswitch.com/IMail%202006.21/ReleaseNotes/IMail_RelNotes.htm#NewRelease
osvdb
  • 45818
  • 45819
sectrack 1018421
secunia 26123
vupen ADV-2007-2574
xf
  • ipswitch-imail-imailsec-bo(35504)
  • ipswitch-imail-subscribe-bo(35505)
saint via4
  • bid 24962
    description Ipswitch IMail Server IMAP SEARCH buffer overflow
    id mail_smtp_imail
    osvdb 36219
    title imail_imap_search
    type remote
  • bid 24962
    description Ipswitch IMail IMAP SUBSCRIBE command buffer overflow
    id mail_smtp_imail
    osvdb 36222
    title imail_imap_subscribe
    type remote
Last major update 29-07-2017 - 01:32
Published 21-07-2007 - 00:30
Last modified 29-07-2017 - 01:32
Back to Top