- Description
- Heap-based buffer overflow in iaspam.dll in the SMTP Server in Ipswitch IMail Server 8.01 through 8.11 allows remote attackers to execute arbitrary code via a set of four different e-mail messages with a long boundary parameter in a certain malformed Content-Type header line, the string "MIME" by itself on a line in the header, and a long Content-Transfer-Encoding header line.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
- nvd@nist.gov
- CWE-119
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ipswitch:imail:8.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3138FF2C-2D8A-4270-9A55-85FCA3622DD9"
},
{
"criteria": "cpe:2.3:a:ipswitch:imail:8.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8A1F768F-1974-4612-BED3-A608CFCC019F"
},
{
"criteria": "cpe:2.3:a:ipswitch:imail:8.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "785BD23E-DE6D-4ABA-AFDD-2FEA03E6DA73"
},
{
"criteria": "cpe:2.3:a:ipswitch:imail:8.01:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2DD7A8A7-26C3-4D45-BD9C-7AAF1DC19677"
},
{
"criteria": "cpe:2.3:a:ipswitch:imail:8.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7CA687C5-0C95-4EE5-ABE8-856A90AD7197"
}
],
"operator": "OR"
}
]
}
]