GCVE - cpe:2.3:a:ipswitch:imail:6.0.1:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:ipswitch:imail:6.0.1:*:*:*:*:*:*:*

part: a version: 6.0.1 update: *

Vendor	Ipswitch (`f980cf58-ade3-5008-97dc-5202aeb62886`)
Product	Imail (`986a46cb-a46f-5cad-ad2a-db7759fd395b`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2011-1430`	vulnerable	2026-06-03 14:31:01.433173	Details available The STARTTLS implementation in the server in Ipswitch IMail 11.03 and earlier does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411. Published: 2011-03-16T22:00:00.000Z Updated: 2024-08-06T22:28:41.210Z Open on db.gcve.eu Reference links http://www.kb.cert.org/vuls/id/MAPG-8DBRD4 https://exchange.xforce.ibmcloud.com/vulnerabilities/65932 http://www.osvdb.org/71020 http://secunia.com/advisories/43676 http://www.securityfocus.com/bid/46767	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-2423`	vulnerable	2026-06-03 14:26:47.444250	Details available Unknown vulnerability in the Web calendaring component of Ipswitch IMail Server before 8.13 allows remote attackers to cause a denial of service (crash) via "specific content." Published: 2005-08-18T04:00:00.000Z Updated: 2024-08-08T01:29:12.845Z Open on db.gcve.eu Reference links http://www.osvdb.org/9553 https://exchange.xforce.ibmcloud.com/vulnerabilities/17220 http://www.securityfocus.com/bid/11106 http://secunia.com/advisories/12453 http://support.ipswitch.com/kb/IM-20040902-DM01.htm#FIXES	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-2422`	vulnerable	2026-06-03 14:26:47.433492	Details available Multiple features in Ipswitch IMail Server before 8.13 allow remote attackers to cause a denial of service (crash) via (1) a long sender field to the Queue Manager or (2) a long To field to the Web Messaging component. Published: 2005-08-18T04:00:00.000Z Updated: 2024-08-08T01:29:12.863Z Open on db.gcve.eu Reference links http://www.osvdb.org/9552 https://exchange.xforce.ibmcloud.com/vulnerabilities/17222 https://exchange.xforce.ibmcloud.com/vulnerabilities/17219 http://www.osvdb.org/9554 http://www.securityfocus.com/bid/11106	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-0777`	vulnerable	2026-06-03 14:26:15.055791	Details available Buffer overflow in the LDAP component of Ipswitch IMail 7.1 and earlier allows remote attackers to execute arbitrary code via a long "bind DN" parameter. Published: 2003-04-02T05:00:00.000Z Updated: 2024-08-08T03:03:47.929Z Open on db.gcve.eu Reference links http://www.iss.net/security_center/static/9116.php http://www.securityfocus.com/bid/4780 http://archives.neohapsis.com/archives/bugtraq/2002-05/0172.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.