CVE-2007-3927

critical

Description

Multiple buffer overflows in Ipswitch IMail Server 2006 before 2006.21 (1) allow remote attackers to execute arbitrary code via unspecified vectors in Imailsec and (2) allow attackers to have an unknown impact via an unspecified vector related to "subscribe."

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/35505

https://exchange.xforce.ibmcloud.com/vulnerabilities/35504

http://www.vupen.com/english/advisories/2007/2574

http://www.securitytracker.com/id?1018421

http://www.securityfocus.com/bid/24962

http://secunia.com/advisories/26123

http://osvdb.org/45819

http://osvdb.org/45818

http://docs.ipswitch.com/IMail%202006.21/ReleaseNotes/IMail_RelNotes.htm#NewRelease

Details

Source: Mitre, NVD

Published: 2007-07-21

Updated: 2025-04-09

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.0719