GCVE - cpe:2.3:a:ipswitch:imail:6.2:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:ipswitch:imail:6.2:*:*:*:*:*:*:*

part: a version: 6.2 update: *

Vendor	Ipswitch (`f980cf58-ade3-5008-97dc-5202aeb62886`)
Product	Imail (`986a46cb-a46f-5cad-ad2a-db7759fd395b`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2011-1430`	vulnerable	2026-06-03 14:31:01.436653	Details available The STARTTLS implementation in the server in Ipswitch IMail 11.03 and earlier does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411. Published: 2011-03-16T22:00:00.000Z Updated: 2024-08-06T22:28:41.210Z Open on db.gcve.eu Reference links http://www.kb.cert.org/vuls/id/MAPG-8DBRD4 https://exchange.xforce.ibmcloud.com/vulnerabilities/65932 http://www.osvdb.org/71020 http://secunia.com/advisories/43676 http://www.securityfocus.com/bid/46767	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-2423`	vulnerable	2026-06-03 14:26:47.444363	Details available Unknown vulnerability in the Web calendaring component of Ipswitch IMail Server before 8.13 allows remote attackers to cause a denial of service (crash) via "specific content." Published: 2005-08-18T04:00:00.000Z Updated: 2024-08-08T01:29:12.845Z Open on db.gcve.eu Reference links http://www.osvdb.org/9553 https://exchange.xforce.ibmcloud.com/vulnerabilities/17220 http://www.securityfocus.com/bid/11106 http://secunia.com/advisories/12453 http://support.ipswitch.com/kb/IM-20040902-DM01.htm#FIXES	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-2422`	vulnerable	2026-06-03 14:26:47.436940	Details available Multiple features in Ipswitch IMail Server before 8.13 allow remote attackers to cause a denial of service (crash) via (1) a long sender field to the Queue Manager or (2) a long To field to the Web Messaging component. Published: 2005-08-18T04:00:00.000Z Updated: 2024-08-08T01:29:12.863Z Open on db.gcve.eu Reference links http://www.osvdb.org/9552 https://exchange.xforce.ibmcloud.com/vulnerabilities/17222 https://exchange.xforce.ibmcloud.com/vulnerabilities/17219 http://www.osvdb.org/9554 http://www.securityfocus.com/bid/11106	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-1077`	vulnerable	2026-06-03 14:26:15.806832	Details available IPSwitch IMail Web Calendaring service (iwebcal) allows remote attackers to cause a denial of service (crash) via an HTTP POST request without a Content-Length field. Published: 2002-08-31T04:00:00.000Z Updated: 2024-08-08T03:12:17.041Z Open on db.gcve.eu Reference links http://archives.neohapsis.com/archives/bugtraq/2002-07/0399.html http://www.securityfocus.com/bid/5365 http://www.iss.net/security_center/static/9722.php	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-1076`	vulnerable	2026-06-03 14:26:15.806270	Details available Buffer overflow in the Web Messaging daemon for Ipswitch IMail before 7.12 allows remote attackers to execute arbitrary code via a long HTTP GET request for HTTP/1.0. Published: 2003-04-02T05:00:00.000Z Updated: 2024-08-08T03:12:17.237Z Open on db.gcve.eu Reference links http://archives.neohapsis.com/archives/bugtraq/2002-07/0326.html http://archives.neohapsis.com/archives/bugtraq/2002-07/0368.html http://support.ipswitch.com/kb/IM-20020731-DM02.htm http://www.iss.net/security_center/static/9679.php http://www.securityfocus.com/bid/5323	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-0777`	vulnerable	2026-06-03 14:26:15.058783	Details available Buffer overflow in the LDAP component of Ipswitch IMail 7.1 and earlier allows remote attackers to execute arbitrary code via a long "bind DN" parameter. Published: 2003-04-02T05:00:00.000Z Updated: 2024-08-08T03:03:47.929Z Open on db.gcve.eu Reference links http://www.iss.net/security_center/static/9116.php http://www.securityfocus.com/bid/4780 http://archives.neohapsis.com/archives/bugtraq/2002-05/0172.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2001-1211`	vulnerable	2026-06-03 14:26:03.198013	Details available Ipswitch IMail 7.0.4 and earlier allows attackers with administrator privileges to read and modify user alias and mailing list information for other domains hosted by the same server via the (1) aliasadmin or (2) listadm1 CGI programs, which do not properly verify that an administrator is the administrator for the target domain. Published: 2002-03-15T05:00:00.000Z Updated: 2024-08-08T04:44:08.288Z Open on db.gcve.eu Reference links http://support.ipswitch.com/kb/IM-20011219-DM01.htm http://www.securityfocus.com/bid/3766 http://support.ipswitch.com/kb/IM-20020301-DM02.htm http://www.iss.net/security_center/static/7752.php http://www.securityfocus.com/archive/1/247786	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2000-0780`	vulnerable	2026-06-03 14:25:59.889920	Details available The web server in IPSWITCH IMail 6.04 and earlier allows remote attackers to read and delete arbitrary files via a .. (dot dot) attack. Published: 2000-10-13T04:00:00.000Z Updated: 2024-08-08T05:28:41.571Z Open on db.gcve.eu Reference links http://marc.info/?l=bugtraq&m=96767207207553&w=2 http://www.ipswitch.com/Support/IMail/news.html http://www.securityfocus.com/bid/1617	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2000-0301`	vulnerable	2026-06-03 14:25:42.919721	Details available Ipswitch IMAIL server 6.02 and earlier allows remote attackers to cause a denial of service via the AUTH CRAM-MD5 command. Published: 2000-10-13T04:00:00.000Z Updated: 2024-08-08T05:14:21.102Z Open on db.gcve.eu Reference links http://support.ipswitch.com/kb/IM-20000208-DM02.htm http://marc.info/?l=bugtraq&m=95505800117143&w=2 http://www.securityfocus.com/bid/1094	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.