Vulnerability Database

310,450

Total vulnerabilities in the database

CVE-2007-2795

Multiple buffer overflows in Ipswitch IMail before 2006.21 allow remote attackers or authenticated users to execute arbitrary code via (1) the authentication feature in IMailsec.dll, which triggers heap corruption in the IMail Server, or (2) a long SUBSCRIBE IMAP command, which triggers a stack-based buffer overflow in the IMAP Daemon.

Published: Jan 27, 2009
Updated: Nov 9, 2025
CVE: CVE-2007-2795
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9
AV:N/AC:L/Au:S/C:C/I:C/A:C

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
ipswitch / imail	2006.1	2006.1.x
ipswitch / imail	-	2006.2.x

http://www.ipswitch.com/support/imail/releases/im200621.asp
http://www.zerodayinitiative.com/advisories/ZDI-07-042/
http://www.zerodayinitiative.com/advisories/ZDI-07-043/

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo