CVE-2005-2923

Published: Dec 7, 2005Modified: Apr 16, 2026

4.0

Vector

AV:N/AC:L/Au:S/C:N/I:N/A:P

Exploitability: 8.0 / Impact: 2.9

Source: NVD

Description

The IMAP server in IMail Server 8.20 in Ipswitch Collaboration Suite (ICS) before 2.02 allows remote attackers to cause a denial of service (crash) via a long argument to the LIST command, which causes IMail Server to reference invalid memory.

Affected (3)

Products: Ipswitch: Imail Server, Ipswitch Collaboration Suite

Ipswitch

2 products

Imail Server

Ipswitch Collaboration Suite

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Ipswitch Imail Server	Version 8.20
Ipswitch Ipswitch Collaboration Suite	Version 2.01
Ipswitch Ipswitch Collaboration Suite	Version 2.0

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (10)

http://secunia.com/advisories/17863

Source: cve@mitre.org

http://securitytracker.com/id?1015318

Source: cve@mitre.org

http://www.idefense.com/application/poi/display?id=347&type=vulnerabilities

Source: cve@mitre.org

PatchVendor Advisory

http://www.securityfocus.com/bid/15753

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2005/2782

Source: cve@mitre.org

http://secunia.com/advisories/17863