Описание
Multiple buffer overflows in Ipswitch IMail before 2006.21 allow remote attackers or authenticated users to execute arbitrary code via (1) the authentication feature in IMailsec.dll, which triggers heap corruption in the IMail Server, or (2) a long SUBSCRIBE IMAP command, which triggers a stack-based buffer overflow in the IMAP Daemon.
Ссылки
- Patch
- Patch
- Patch
- Patch
- Patch
- Patch
Уязвимые конфигурации
Конфигурация 1Версия до 2006.2 (включая)
Одно из
cpe:2.3:a:ipswitch:imail:*:*:*:*:*:*:*:*
cpe:2.3:a:ipswitch:imail:2006.1:*:*:*:*:*:*:*
EPSS
Процентиль: 95%
0.19535
Средний
9 Critical
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
почти 4 года назад
Multiple buffer overflows in Ipswitch IMail before 2006.21 allow remote attackers or authenticated users to execute arbitrary code via (1) the authentication feature in IMailsec.dll, which triggers heap corruption in the IMail Server, or (2) a long SUBSCRIBE IMAP command, which triggers a stack-based buffer overflow in the IMAP Daemon.
EPSS
Процентиль: 95%
0.19535
Средний
9 Critical
CVSS2
Дефекты
CWE-119