Vulnerability Database

310,449

Total vulnerabilities in the database

CVE-2008-0945

Format string vulnerability in the logging function in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in an IP address field.

Published: Feb 25, 2008
Updated: Nov 9, 2025
CVE: CVE-2008-0945
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 3.5
AV:N/AC:M/Au:S/C:N/I:N/A:P

CWEs:

CWE-134

Affected Software
References

Software	From	Fixed in
ipswitch / imserver	-	2.0.8.1.x
ipswitch / instant_messaging	-	2.0.8.1.x

http://aluigi.altervista.org/adv/ipsimene-adv.txt
http://aluigi.org/poc/ipsimene.zip
http://secunia.com/advisories/28824
http://securityreason.com/securityalert/3697
http://www.securityfocus.com/archive/1/487748/100/200/threaded
http://www.securityfocus.com/bid/27677

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo