CVE-2007-5094

Name of the Vulnerable Software and Affected Versions Ipswitch IMail Server versions 8.01 through 8.11

Description The issue is related to a heap-based buffer overflow in the iaspam.dll component of the SMTP Server. It can be triggered by remote attackers sending a set of four different e-mail messages with specific malformed elements in the header, including a long boundary parameter in the Content-Type header line, the string "MIME" by itself on a line in the header, and a long Content-Transfer-Encoding header line. This allows attackers to execute arbitrary code.

Recommendations For Ipswitch IMail Server versions 8.01 through 8.11, update to a version that includes a fix for this issue to prevent remote code execution. As a temporary workaround, consider restricting access to the SMTP Server or implementing additional security measures to minimize the risk of exploitation.