📦

imail

Vendor: ipswitch

Login to add this product to WatchStack
Actively Exploited 0 CISA KEV List
PoC / Exploits 16 Code Available
Total RCEs 8 Remote Access
Total CVEs 47 Total Indexed
Avg. EPSS 11.77% Exploit Prob.
Latest CVE CVE-2011-1430 Mar 16

Security Vulnerability Index

Page 2 / 5
4.6 CVSS
CVE-2004-1520
Exploit Found

Stack-based buffer overflow in IPSwitch IMail 8.13 allows remote authenticated users to execute arbitrary code via a long IMAP DELETE command.

EPSS: 88.80%
5.0 CVSS
CVE-2004-2423

Unknown vulnerability in the Web calendaring component of Ipswitch IMail Server before 8.13 allows remote attackers to cause a denial of service (crash) via "specific content."

EPSS: 0.58%
5.0 CVSS
CVE-2004-2422

Multiple features in Ipswitch IMail Server before 8.13 allow remote attackers to cause a denial of service (crash) via (1) a long sender field to the Queue Manager or (2) a long To field to the Web Messaging component.

EPSS: 0.34%
10.0 CVSS
CVE-2004-0297
Exploit Found

Buffer overflow in the Lightweight Directory Access Protocol (LDAP) daemon (iLDAP.exe 3.9.15.10) in Ipswitch IMail Server 8.03 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via an LDAP message with a large tag length.

EPSS: 62.30%
7.5 CVSS
CVE-2002-1076
RCE Exploit Found

Buffer overflow in the Web Messaging daemon for Ipswitch IMail before 7.12 allows remote attackers to execute arbitrary code via a long HTTP GET request for HTTP/1.0.

EPSS: 28.49%
5.0 CVSS
CVE-2002-1077
Exploit Found

IPSwitch IMail Web Calendaring service (iwebcal) allows remote attackers to cause a denial of service (crash) via an HTTP POST request without a Content-Length field.

EPSS: 5.65%
10.0 CVSS
CVE-2002-0777
RCE

Buffer overflow in the LDAP component of Ipswitch IMail 7.1 and earlier allows remote attackers to execute arbitrary code via a long "bind DN" parameter.

EPSS: 42.29%
7.5 CVSS
CVE-2001-1211

Ipswitch IMail 7.0.4 and earlier allows attackers with administrator privileges to read and modify user alias and mailing list information for other domains hosted by the same server via the (1) aliasadmin or (2) listadm1 CGI programs, which do not properly verify that an administrator is the administrator for the target domain.

EPSS: 0.10%
7.5 CVSS
CVE-2001-1287
RCE Exploit Found

Buffer overflow in Web Calendar in Ipswitch IMail 7.04 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.

EPSS: 2.01%
5.0 CVSS
CVE-2001-1280

POP3 Server for Ipswitch IMail 7.04 and earlier generates different responses to valid and invalid user names, which allows remote attackers to determine users on the system.

EPSS: 0.17%