Vulnerability Description
The webmail interface for Ipswitch IMail 7.04 and earlier allows remote authenticated users to cause a denial of service (crash) via a mailbox name that contains a large number of . (dot) or other characters to programs such as (1) readmail.cgi or (2) printmail.cgi, possibly due to a buffer overflow that may allow execution of arbitrary code.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ipswitch | Imail | 6.0.2 |
References
- http://archives.neohapsis.com/archives/bugtraq/2001-10/0082.html
- http://www.ipswitch.com/Support/IMail/news.html
- http://www.securityfocus.com/bid/3427
- http://archives.neohapsis.com/archives/bugtraq/2001-10/0082.html
- http://www.ipswitch.com/Support/IMail/news.html
- http://www.securityfocus.com/bid/3427
FAQ
What is CVE-2001-1283?
CVE-2001-1283 is a vulnerability with a CVSS score of 7.5 (HIGH). The webmail interface for Ipswitch IMail 7.04 and earlier allows remote authenticated users to cause a denial of service (crash) via a mailbox name that contains a large number of . (dot) or other cha...
How severe is CVE-2001-1283?
CVE-2001-1283 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-1283?
Check the references section above for vendor advisories and patch information. Affected products include: Ipswitch Imail.