Vulnerability Report

CVE-2007-1637

RCE

Title: Ipswitch Ipswitch Collaboration Suite RCE

RCE

Proof Of Concept

No public PoC currently indexed for CVE-2007-1637.

CWE Category NVD-CWE-noinfo

Published Date Mar 23, 2007

Modified Date Apr 09, 2025

Exploit Status Not Found

Score 9.3 CVSS v2.0

Exploit Probability (EPSS)

0.97%

Vulnerability Summary

CVE-2007-1637: Multiple buffer overflows in the IMAILAPILib ActiveX control (IMailAPI.dll) in Ipswitch IMail Server before 2006.2 allow remote attackers to execute arbitrary code via the (1) WebConnect and (2) Connect members in the (a) IMailServer control; (3) Sync3 and (4) Init3 members in the (b) IMailLDAPService control; and the (5) SetReplyTo member in the (c) IMailUserCollection control.

Impacted Vendors

ipswitch 4

Reference Links

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=487 http://secunia.com/advisories/24422 http://support.ipswitch.com/kb/IM-20070305-JH01.htm http://www.securitytracker.com/id?1017737 http://www.vupen.com/english/advisories/2007/0853 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=487 http://secunia.com/advisories/24422 http://support.ipswitch.com/kb/IM-20070305-JH01.htm http://www.securitytracker.com/id?1017737 http://www.vupen.com/english/advisories/2007/0853

CVSS v2.0

Source Entity [email protected]

Severity HIGH

9.3

Access Vector

N/A

Authentication

N/A

RAW VECTOR AV:N/AC:M/Au:N/C:C/I:C/A:C

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2007-1637 Exploits & PoCs (Proof Of Concept)

No public PoCs found in our database for this CVE.

April 09, 2025 MODIFIED

Vulnerability data or affected products updated.

March 23, 2007 PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector N/A

Complexity N/A

Privileges N/A

Interaction NONE

CVSS Vector String


                                    AV:N/AC:M/Au:N/C:C/I:C/A:C

Affected Stack

No specific products linked.