CVE-2007-1637

Published: Mar 23, 2007Modified: Apr 23, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

Multiple buffer overflows in the IMAILAPILib ActiveX control (IMailAPI.dll) in Ipswitch IMail Server before 2006.2 allow remote attackers to execute arbitrary code via the (1) WebConnect and (2) Connect members in the (a) IMailServer control; (3) Sync3 and (4) Init3 members in the (b) IMailLDAPService control; and the (5) SetReplyTo member in the (c) IMailUserCollection control.

Affected (4)

Products: Ipswitch: Imail, Imail Plus, Imail Premium, Ipswitch Collaboration Suite

4 products

Ipswitch Collaboration Suite

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Ipswitch Imail	Version 2006
Ipswitch Imail Plus	Version 2006
Ipswitch Imail Premium	Version 2006
Ipswitch Ipswitch Collaboration Suite	Version 2006_standard

References (10)

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=487

Source: cve@mitre.org

http://secunia.com/advisories/24422

Source: cve@mitre.org

Vendor Advisory

http://support.ipswitch.com/kb/IM-20070305-JH01.htm

Source: cve@mitre.org

http://www.securitytracker.com/id?1017737

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2007/0853

Source: cve@mitre.org

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=487

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/24422

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://support.ipswitch.com/kb/IM-20070305-JH01.htm

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1017737

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2007/0853

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.