PT-2007-5145 · Ipswitch · Ipswitch Imail Server

Published

2007-07-21

Updated

2017-07-29

CVE-2007-3925

CVSS v2.0

6.5

Medium

Vector

AV:N/AC:L/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Ipswitch IMail Server 2006 versions prior to 2006.21

Description: The issue concerns multiple buffer overflows in the IMAP service, specifically in the imapd32.exe component. These overflows can be triggered by remote authenticated users through the Search or Search Charset command, potentially allowing the execution of arbitrary code.

Recommendations: For Ipswitch IMail Server 2006 versions prior to 2006.21, update to version 2006.21 or later to resolve the issue. As a temporary workaround, consider restricting access to the IMAP service until the update can be applied.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2007-3925

Affected Products

Ipswitch Imail Server

PT-2007-5145 · Ipswitch · Ipswitch Imail Server

CVE-2007-3925

Weakness Enumeration

Related Identifiers

Affected Products

References · 13