CVE-2007-1637 | Vulnerability Database | Aqua Security

Multiple buffer overflows in the IMAILAPILib ActiveX control (IMailAPI.dll) in Ipswitch IMail Server before 2006.2 allow remote attackers to execute arbitrary code via the (1) WebConnect and (2) Connect members in the (a) IMailServer control; (3) Sync3 and (4) Init3 members in the (b) IMailLDAPService control; and the (5) SetReplyTo member in the (c) IMailUserCollection control.

Affected Software

Name	Vendor	Start Version	End Version
Imail	Ipswitch	2006 (including)	2006 (including)
Imail_plus	Ipswitch	2006 (including)	2006 (including)
Imail_premium	Ipswitch	2006 (including)	2006 (including)
Ipswitch_collaboration_suite	Ipswitch	2006_standard (including)	2006_standard (including)

References

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=487
http://secunia.com/advisories/24422
http://support.ipswitch.com/kb/IM-20070305-JH01.htm
http://www.securitytracker.com/id?1017737
http://www.vupen.com/english/advisories/2007/0853
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=487
http://secunia.com/advisories/24422
http://support.ipswitch.com/kb/IM-20070305-JH01.htm
http://www.securitytracker.com/id?1017737
http://www.vupen.com/english/advisories/2007/0853

NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-1637
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html