GCVE - cpe:2.3:a:ipswitch:imail:8.12:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:ipswitch:imail:8.12:*:*:*:*:*:*:*

part: a version: 8.12 update: *

Vendor	Ipswitch (`f980cf58-ade3-5008-97dc-5202aeb62886`)
Product	Imail (`986a46cb-a46f-5cad-ad2a-db7759fd395b`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2011-1430`	vulnerable	2026-06-03 14:31:01.445724	Details available The STARTTLS implementation in the server in Ipswitch IMail 11.03 and earlier does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411. Published: 2011-03-16T22:00:00.000Z Updated: 2024-08-06T22:28:41.210Z Open on db.gcve.eu Reference links http://www.kb.cert.org/vuls/id/MAPG-8DBRD4 https://exchange.xforce.ibmcloud.com/vulnerabilities/65932 http://www.osvdb.org/71020 http://secunia.com/advisories/43676 http://www.securityfocus.com/bid/46767	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2005-1255`	vulnerable	2026-06-03 14:26:58.553500	Details available Multiple stack-based buffer overflows in the IMAP server in IMail 8.12 and 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allow remote attackers to execute arbitrary code via a LOGIN command with (1) a long username argument or (2) a long username argument that begins with a special character. Published: 2005-05-25T04:00:00.000Z Updated: 2024-08-07T21:44:06.254Z Open on db.gcve.eu Reference links http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html http://www.securityfocus.com/bid/13727 http://securitytracker.com/id?1014047 http://www.idefense.com/application/poi/display?id=243&type=vulnerabilities	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2005-1254`	vulnerable	2026-06-03 14:26:58.552852	Details available Stack-based buffer overflow in the IMAP server for Ipswitch IMail 8.12 and 8.13, and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to cause a denial of service (crash) via a SELECT command with a large argument. Published: 2005-05-25T04:00:00.000Z Updated: 2024-08-07T21:44:05.964Z Open on db.gcve.eu Reference links http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html http://www.securityfocus.com/bid/13727 http://securitytracker.com/id?1014047 http://www.idefense.com/application/poi/display?id=241&type=vulnerabilities	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.