Vulnerabilites related to ipswitch - imail_plus
Vulnerability from fkie_nvd
Published
2007-03-23 22:19
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple buffer overflows in the IMAILAPILib ActiveX control (IMailAPI.dll) in Ipswitch IMail Server before 2006.2 allow remote attackers to execute arbitrary code via the (1) WebConnect and (2) Connect members in the (a) IMailServer control; (3) Sync3 and (4) Init3 members in the (b) IMailLDAPService control; and the (5) SetReplyTo member in the (c) IMailUserCollection control.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ipswitch | imail | 2006 | |
| ipswitch | imail_plus | 2006 | |
| ipswitch | imail_premium | 2006 | |
| ipswitch | ipswitch_collaboration_suite | 2006_standard |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ipswitch:imail:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "81B286D0-4168-41FF-AC1F-4E65C3AD7DC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ipswitch:imail_plus:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "F0C6A165-8B6B-4D0F-B2F7-3A5CDA4BA072",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ipswitch:imail_premium:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "635D04E6-0347-4858-B8F4-AC7BD3565E2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:2006_standard:*:*:*:*:*:*:*",
"matchCriteriaId": "95104B1C-0B67-43FF-A93C-9296707B3DA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the IMAILAPILib ActiveX control (IMailAPI.dll) in Ipswitch IMail Server before 2006.2 allow remote attackers to execute arbitrary code via the (1) WebConnect and (2) Connect members in the (a) IMailServer control; (3) Sync3 and (4) Init3 members in the (b) IMailLDAPService control; and the (5) SetReplyTo member in the (c) IMailUserCollection control."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en el control ActiveX IMAILAPILib (IMailAPI.dll) en Ipswitch IMail Server anterior a 2006.2 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de los miembros (1) WebConnect y (2) Connect en el control (a)IMailServer; miembros (3) Sync3 y (4) Init3 en el control (b) IMailLDAPService y el miembro (5) SetReplyTo en el control (c)IMailUserCollection."
}
],
"evaluatorSolution": "Upgrade to version 2006.2.",
"id": "CVE-2007-1637",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2007-03-23T22:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=487"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24422"
},
{
"source": "cve@mitre.org",
"url": "http://support.ipswitch.com/kb/IM-20070305-JH01.htm"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1017737"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/0853"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=487"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24422"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.ipswitch.com/kb/IM-20070305-JH01.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1017737"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/0853"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-09-08 21:04
Modified
2025-04-03 01:03
Severity ?
Summary
Stack-based buffer overflow in the SMTP Daemon in Ipswitch Collaboration 2006 Suite Premium and Standard Editions, IMail, IMail Plus, and IMail Secure allows remote attackers to execute arbitrary code via a long string located after an '@' character and before a ':' character.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ipswitch | imail_plus | 2006 | |
| ipswitch | imail_secure_server | 2006 | |
| ipswitch | ipswitch_collaboration_suite | 2006_premium | |
| ipswitch | ipswitch_collaboration_suite | 2006_standard |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ipswitch:imail_plus:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "F0C6A165-8B6B-4D0F-B2F7-3A5CDA4BA072",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ipswitch:imail_secure_server:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "A01A5A7C-A405-4A3A-860C-7B954011A9B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:2006_premium:*:*:*:*:*:*:*",
"matchCriteriaId": "4031612D-7151-45DF-9AF6-7DEA14FA13B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:2006_standard:*:*:*:*:*:*:*",
"matchCriteriaId": "95104B1C-0B67-43FF-A93C-9296707B3DA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the SMTP Daemon in Ipswitch Collaboration 2006 Suite Premium and Standard Editions, IMail, IMail Plus, and IMail Secure allows remote attackers to execute arbitrary code via a long string located after an \u0027@\u0027 character and before a \u0027:\u0027 character."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en mont\u00f3n en SMTP Daemon en Ipswitch Collaboration 2006 Suite Premium y Standard Editions, IMail, IMail Plus, e IMail Secure, permite a un atacante remoto ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de una cadena larga situada despu\u00e9s del caracter \u201c@\u201d y antes del car\u00e1cter \u201c: \u201d."
}
],
"id": "CVE-2006-4379",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-09-08T21:04:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21795"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016803"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016804"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.ipswitch.com/support/ics/updates/ics20061.asp"
},
{
"source": "cve@mitre.org",
"url": "http://www.ipswitch.com/support/imail/releases/im20061.asp"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/445521/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/19885"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/3496"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-028.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28789"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21795"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016803"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016804"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.ipswitch.com/support/ics/updates/ics20061.asp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ipswitch.com/support/imail/releases/im20061.asp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/445521/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/19885"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/3496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-028.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28789"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2007-1637 (GCVE-0-2007-1637)
Vulnerability from cvelistv5
Published
2007-03-23 22:00
Modified
2024-08-07 13:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple buffer overflows in the IMAILAPILib ActiveX control (IMailAPI.dll) in Ipswitch IMail Server before 2006.2 allow remote attackers to execute arbitrary code via the (1) WebConnect and (2) Connect members in the (a) IMailServer control; (3) Sync3 and (4) Init3 members in the (b) IMailLDAPService control; and the (5) SetReplyTo member in the (c) IMailUserCollection control.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2007/0853 | vdb-entry, x_refsource_VUPEN | |
| http://secunia.com/advisories/24422 | third-party-advisory, x_refsource_SECUNIA | |
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=487 | third-party-advisory, x_refsource_IDEFENSE | |
| http://www.securitytracker.com/id?1017737 | vdb-entry, x_refsource_SECTRACK | |
| http://support.ipswitch.com/kb/IM-20070305-JH01.htm | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:06:25.360Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-0853",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0853"
},
{
"name": "24422",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24422"
},
{
"name": "20070307 Ipswitch IMail Server 2006 Multiple ActiveX Control Buffer Overflow Vulnerabilitie",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=487"
},
{
"name": "1017737",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017737"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.ipswitch.com/kb/IM-20070305-JH01.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the IMAILAPILib ActiveX control (IMailAPI.dll) in Ipswitch IMail Server before 2006.2 allow remote attackers to execute arbitrary code via the (1) WebConnect and (2) Connect members in the (a) IMailServer control; (3) Sync3 and (4) Init3 members in the (b) IMailLDAPService control; and the (5) SetReplyTo member in the (c) IMailUserCollection control."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-02-26T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-0853",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0853"
},
{
"name": "24422",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24422"
},
{
"name": "20070307 Ipswitch IMail Server 2006 Multiple ActiveX Control Buffer Overflow Vulnerabilitie",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=487"
},
{
"name": "1017737",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017737"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.ipswitch.com/kb/IM-20070305-JH01.htm"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1637",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in the IMAILAPILib ActiveX control (IMailAPI.dll) in Ipswitch IMail Server before 2006.2 allow remote attackers to execute arbitrary code via the (1) WebConnect and (2) Connect members in the (a) IMailServer control; (3) Sync3 and (4) Init3 members in the (b) IMailLDAPService control; and the (5) SetReplyTo member in the (c) IMailUserCollection control."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-0853",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0853"
},
{
"name": "24422",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24422"
},
{
"name": "20070307 Ipswitch IMail Server 2006 Multiple ActiveX Control Buffer Overflow Vulnerabilitie",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=487"
},
{
"name": "1017737",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017737"
},
{
"name": "http://support.ipswitch.com/kb/IM-20070305-JH01.htm",
"refsource": "CONFIRM",
"url": "http://support.ipswitch.com/kb/IM-20070305-JH01.htm"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1637",
"datePublished": "2007-03-23T22:00:00",
"dateReserved": "2007-03-23T00:00:00",
"dateUpdated": "2024-08-07T13:06:25.360Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4379 (GCVE-0-2006-4379)
Vulnerability from cvelistv5
Published
2006-09-08 21:00
Modified
2024-08-07 19:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stack-based buffer overflow in the SMTP Daemon in Ipswitch Collaboration 2006 Suite Premium and Standard Editions, IMail, IMail Plus, and IMail Secure allows remote attackers to execute arbitrary code via a long string located after an '@' character and before a ':' character.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/21795 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/archive/1/445521/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://securitytracker.com/id?1016804 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/19885 | vdb-entry, x_refsource_BID | |
| http://www.ipswitch.com/support/imail/releases/im20061.asp | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/28789 | vdb-entry, x_refsource_XF | |
| http://www.ipswitch.com/support/ics/updates/ics20061.asp | x_refsource_CONFIRM | |
| http://www.zerodayinitiative.com/advisories/ZDI-06-028.html | x_refsource_MISC | |
| http://securitytracker.com/id?1016803 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2006/3496 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:06:07.631Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "21795",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21795"
},
{
"name": "20060907 ZDI-06-028: Ipswitch Collaboration Suite SMTP Server Stack Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/445521/100/0/threaded"
},
{
"name": "1016804",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016804"
},
{
"name": "19885",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19885"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ipswitch.com/support/imail/releases/im20061.asp"
},
{
"name": "ipswitch-smtp-daemon-code-execution(28789)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28789"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ipswitch.com/support/ics/updates/ics20061.asp"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-028.html"
},
{
"name": "1016803",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016803"
},
{
"name": "ADV-2006-3496",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the SMTP Daemon in Ipswitch Collaboration 2006 Suite Premium and Standard Editions, IMail, IMail Plus, and IMail Secure allows remote attackers to execute arbitrary code via a long string located after an \u0027@\u0027 character and before a \u0027:\u0027 character."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "21795",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21795"
},
{
"name": "20060907 ZDI-06-028: Ipswitch Collaboration Suite SMTP Server Stack Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/445521/100/0/threaded"
},
{
"name": "1016804",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016804"
},
{
"name": "19885",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19885"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ipswitch.com/support/imail/releases/im20061.asp"
},
{
"name": "ipswitch-smtp-daemon-code-execution(28789)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28789"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ipswitch.com/support/ics/updates/ics20061.asp"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-028.html"
},
{
"name": "1016803",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016803"
},
{
"name": "ADV-2006-3496",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4379",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the SMTP Daemon in Ipswitch Collaboration 2006 Suite Premium and Standard Editions, IMail, IMail Plus, and IMail Secure allows remote attackers to execute arbitrary code via a long string located after an \u0027@\u0027 character and before a \u0027:\u0027 character."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "21795",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21795"
},
{
"name": "20060907 ZDI-06-028: Ipswitch Collaboration Suite SMTP Server Stack Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/445521/100/0/threaded"
},
{
"name": "1016804",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016804"
},
{
"name": "19885",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19885"
},
{
"name": "http://www.ipswitch.com/support/imail/releases/im20061.asp",
"refsource": "CONFIRM",
"url": "http://www.ipswitch.com/support/imail/releases/im20061.asp"
},
{
"name": "ipswitch-smtp-daemon-code-execution(28789)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28789"
},
{
"name": "http://www.ipswitch.com/support/ics/updates/ics20061.asp",
"refsource": "CONFIRM",
"url": "http://www.ipswitch.com/support/ics/updates/ics20061.asp"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-06-028.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-028.html"
},
{
"name": "1016803",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016803"
},
{
"name": "ADV-2006-3496",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4379",
"datePublished": "2006-09-08T21:00:00",
"dateReserved": "2006-08-28T00:00:00",
"dateUpdated": "2024-08-07T19:06:07.631Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}