- Description
- Multiple buffer overflows in the IMAP service (imapd32.exe) in Ipswitch IMail Server 2006 before 2006.21 allow remote authenticated users to execute arbitrary code via the (1) Search or (2) Search Charset command.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 6.5
- Impact score
- 6.4
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:P/A:P
- nvd@nist.gov
- CWE-119
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ipswitch:imail_server:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B64F51E1-D2B5-4E9D-962E-2DCD2B82919B",
"versionEndIncluding": "2006.2"
},
{
"criteria": "cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DEFD422E-19B4-4789-BA0D-42C90C4A5AE9",
"versionEndIncluding": "2006.2"
}
],
"operator": "OR"
}
]
}
]