📦

imserver

Vendor: ipswitch

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 0 Remote Access

Total CVEs 3 Total Indexed

Avg. EPSS 0.74% Exploit Prob.

Latest CVE CVE-2008-0945 Feb 25

Security Vulnerability Index

Page 1 / 1

3.5 CVSS

CVE-2008-0945

Format string vulnerability in the logging function in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in an IP address field.

EPSS: 1.18%

Severity: LOW

Feb 25, 2008

4.9 CVSS

CVE-2008-0946

Directory traversal vulnerability in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to create arbitrary empty files via a .. (dot dot) in the recipient field.

EPSS: 0.05%

Severity: MEDIUM

Feb 25, 2008

5.0 CVSS

CVE-2007-3959

The IM Server (aka IMserve or IMserver) 2.0.5.30 and probably earlier in Ipswitch Instant Messaging before 2.07 in Ipswitch Collaboration Suite (ICS) allows remote attackers to cause a denial of service (daemon crash) via certain data to TCP port 5179 that overwrites a destructor, as reachable by the (1) DoAttachVideoSender, (2) DoAttachVideoReceiver, (3) DoAttachAudioSender, and (4) DoAttachAudioReceiver functions.

EPSS: 0.98%

Severity: MEDIUM

Jul 24, 2007

Displaying 3 of 3 Total Entries

Total 1 Sections