📦

instant_messaging

Vendor: ipswitch

Actively Exploited 0 CISA KEV List

PoC / Exploits 1 Code Available

Total RCEs 0 Remote Access

Total CVEs 3 Total Indexed

Avg. EPSS 4.17% Exploit Prob.

Latest CVE CVE-2008-0944 Feb 25

Security Vulnerability Index

Page 1 / 1

5.0 CVSS

CVE-2008-0944

Exploit Found

Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote attackers to cause a denial of service (NULL dereference and application crash) via a version field containing zero.

EPSS: 11.26%

Severity: MEDIUM

Feb 25, 2008

3.5 CVSS

CVE-2008-0945

Format string vulnerability in the logging function in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in an IP address field.

EPSS: 1.18%

Severity: LOW

Feb 25, 2008

4.9 CVSS

CVE-2008-0946

Directory traversal vulnerability in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to create arbitrary empty files via a .. (dot dot) in the recipient field.

EPSS: 0.05%

Severity: MEDIUM

Feb 25, 2008

Displaying 3 of 3 Total Entries

Total 1 Sections