CVE-2011-1430

all versions

The STARTTLS implementation in the server in Ipswitch IMail 11.03 and earlier does not properly restrict I/O buffering, which allo

CVE-2007-2795

<= 2006.2

Multiple buffer overflows in Ipswitch IMail before 2006.21 allow remote attackers or authenticated users to execute arbitrary code

CVE-2007-5094

all versions

Heap-based buffer overflow in iaspam.dll in the SMTP Server in Ipswitch IMail Server 8.01 through 8.11 allows remote attackers to

CVE-2007-1637

all versions

Multiple buffer overflows in the IMAILAPILib ActiveX control (IMailAPI.dll) in Ipswitch IMail Server before 2006.2 allow remote at

CVE-2005-2160

all versions

IMail stores usernames and passwords in cleartext in a cookie, which allows remote attackers to obtain sensitive information.

7.5HIGH

CVE-2005-1256

all versions

Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail 8.13 in Ipswitch Collaboration Suite (ICS), and other versio

CVE-2005-1255

all versions

Multiple stack-based buffer overflows in the IMAP server in IMail 8.12 and 8.13 in Ipswitch Collaboration Suite (ICS), and other v

CVE-2005-1254

<= server_8.2_hotfix_2

Stack-based buffer overflow in the IMAP server for Ipswitch IMail 8.12 and 8.13, and other versions before IMail Server 8.2 Hotfix

CVE-2005-1252

all versions

Directory traversal vulnerability in the Web Calendaring server in Ipswitch Imail 8.13, and other versions before IMail Server 8.2

CVE-1999-1557

<= 5.0

Buffer overflow in the login functions in IMAP server (imapd) in Ipswitch IMail 5.0 and earlier allows remote attackers to cause a

CVE-2004-2423

all versions

Unknown vulnerability in the Web calendaring component of Ipswitch IMail Server before 8.13 allows remote attackers to cause a den

CVE-2004-2422

all versions

Multiple features in Ipswitch IMail Server before 8.13 allow remote attackers to cause a denial of service (crash) via (1) a long

CVE-2004-1520

all versions

Stack-based buffer overflow in IPSwitch IMail 8.13 allows remote authenticated users to execute arbitrary code via a long IMAP DEL

CVE-2004-0297

all versions

Buffer overflow in the Lightweight Directory Access Protocol (LDAP) daemon (iLDAP.exe 3.9.15.10) in Ipswitch IMail Server 8.03 all

CVE-2002-1077

all versions

IPSwitch IMail Web Calendaring service (iwebcal) allows remote attackers to cause a denial of service (crash) via an HTTP POST req

CVE-2002-1076

all versions

Buffer overflow in the Web Messaging daemon for Ipswitch IMail before 7.12 allows remote attackers to execute arbitrary code via a

CVE-2002-0777

all versions

Buffer overflow in the LDAP component of Ipswitch IMail 7.1 and earlier allows remote attackers to execute arbitrary code via a lo

CVE-2001-1211

all versions

Ipswitch IMail 7.0.4 and earlier allows attackers with administrator privileges to read and modify user alias and mailing list inf

CVE-2001-1287

all versions

Buffer overflow in Web Calendar in Ipswitch IMail 7.04 and earlier allows remote attackers to execute arbitrary code via a long HT

CVE-2001-1286

all versions

Ipswitch IMail 7.04 and earlier stores a user's session ID in a URL, which could allow remote attackers to hijack sessions by obta

CVE-2001-1285

all versions

Directory traversal vulnerability in readmail.cgi for Ipswitch IMail 7.04 and earlier allows remote attackers to access the mailbo

CVE-2001-1284

all versions

Ipswitch IMail 7.04 and earlier uses predictable session IDs for authentication, which allows remote attackers to hijack sessions

CVE-2001-1283

all versions

The webmail interface for Ipswitch IMail 7.04 and earlier allows remote authenticated users to cause a denial of service (crash) v

CVE-2001-1282

all versions

Ipswitch IMail 7.04 and earlier records the physical path of attachments in an e-mail message header, which could allow remote att

CVE-2001-1281

all versions

Web Messaging Server for Ipswitch IMail 7.04 and earlier allows remote authenticated users to change information for other users b

CVE-2001-1280

all versions

POP3 Server for Ipswitch IMail 7.04 and earlier generates different responses to valid and invalid user names, which allows remote

CVE-2001-0494

<= 6.06

Buffer overflow in IPSwitch IMail SMTP server 6.06 and possibly prior versions allows remote attackers to execute arbitrary code v

CVE-2001-0039

all versions

IPSwitch IMail 6.0.5 allows remote attackers to cause a denial of service using the SMTP AUTH command by sending a base64-encoded

CVE-2000-0825

all versions

Ipswitch Imail 6.0 allows remote attackers to cause a denial of service via a large number of connections in which a long Host: he

CVE-2000-0780

all versions

The web server in IPSWITCH IMail 6.04 and earlier allows remote attackers to read and delete arbitrary files via a .. (dot dot) at

CVE-2000-0301

all versions

Ipswitch IMAIL server 6.02 and earlier allows remote attackers to cause a denial of service via the AUTH CRAM-MD5 command.

CVE-2000-0056

all versions

IMail IMONITOR status.cgi CGI script allows remote attackers to cause a denial of service with many calls to status.cgi.

CVE-1999-1497

all versions

Ipswitch IMail 5.0 and 6.0 uses weak encryption to store passwords in registry keys, which allows local attackers to read password

CVE-2000-0019

all versions

IMail POP3 daemon uses weak encryption, which allows local users to read files.

CVE-1999-1551

all versions

Buffer overflow in Ipswitch IMail Service 5.0 allows an attacker to cause a denial of service (crash) and possibly execute arbitra

CVE-1999-1046

all versions

Buffer overflow in IMonitor in IMail 5.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary comm

CVE-1999-1171

all versions

IPswitch WS_FTP allows local users to gain additional privileges and modify or add mail accounts by setting the "flags" registry k

CVE-1999-1170

all versions

IPswitch IMail allows local users to gain additional privileges and modify or add mail accounts by setting the "flags" registry ke