The webmail interface for Ipswitch IMail 7.04 and previous versions allows remote authenticated users to cause a denial of service (crash) via a mailbox name that contains a large number of . (dot) or other characters to programs such as (1) readmail.cgi or (2) printmail.cgi, possibly due to a buffer overflow that may allow execution of arbitrary code.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ipswitch imail 7.0.4 |
||
ipswitch imail 6.0.2 |
||
ipswitch imail 6.0.6 |