CVE-2007-3925

Description

Multiple buffer overflows in the IMAP service (imapd32.exe) in Ipswitch IMail Server 2006 before 2006.21 allow remote authenticated users to execute arbitrary code via the (1) Search or (2) Search Charset command.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/35500

https://exchange.xforce.ibmcloud.com/vulnerabilities/35496

http://www.vupen.com/english/advisories/2007/2574

http://www.securitytracker.com/id?1018419

http://www.securityfocus.com/bid/24962

http://secunia.com/advisories/26123

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=563

http://docs.ipswitch.com/IMail%202006.21/ReleaseNotes/IMail_RelNotes.htm#NewRelease

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3