{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2005-12-05T00:00:00", "descriptions": [{"lang": "en", "value": "Format string vulnerability in the SMTP service in IMail Server 8.20 in Ipswitch Collaboration Suite (ICS) before 2.02 allows remote attackers to execute arbitrary code via format string specifiers to the (1) EXPN, (2) MAIL, (3) MAIL FROM, and (4) RCPT TO commands."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2005-12-09T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20051206 Ipswitch Collaboration Suite SMTP Format String Vulnerability", "tags": ["third-party-advisory", "x_refsource_IDEFENSE"], "url": "http://www.idefense.com/application/poi/display?id=346&type=vulnerabilities"}, {"name": "1015317", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1015317"}, {"name": "17863", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/17863"}, {"name": "ADV-2005-2782", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2005/2782"}, {"name": "15752", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/15752"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.ipswitch.com/support/imail/releases/imail_professional/im822.asp"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-2931", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Format string vulnerability in the SMTP service in IMail Server 8.20 in Ipswitch Collaboration Suite (ICS) before 2.02 allows remote attackers to execute arbitrary code via format string specifiers to the (1) EXPN, (2) MAIL, (3) MAIL FROM, and (4) RCPT TO commands."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20051206 Ipswitch Collaboration Suite SMTP Format String Vulnerability", "refsource": "IDEFENSE", "url": "http://www.idefense.com/application/poi/display?id=346&type=vulnerabilities"}, {"name": "1015317", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1015317"}, {"name": "17863", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17863"}, {"name": "ADV-2005-2782", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2005/2782"}, {"name": "15752", "refsource": "BID", "url": "http://www.securityfocus.com/bid/15752"}, {"name": "http://www.ipswitch.com/support/imail/releases/imail_professional/im822.asp", "refsource": "CONFIRM", "url": "http://www.ipswitch.com/support/imail/releases/imail_professional/im822.asp"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T22:53:29.797Z"}, "title": "CVE Program Container", "references": [{"name": "20051206 Ipswitch Collaboration Suite SMTP Format String Vulnerability", "tags": ["third-party-advisory", "x_refsource_IDEFENSE", "x_transferred"], "url": "http://www.idefense.com/application/poi/display?id=346&type=vulnerabilities"}, {"name": "1015317", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1015317"}, {"name": "17863", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/17863"}, {"name": "ADV-2005-2782", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2005/2782"}, {"name": "15752", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/15752"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.ipswitch.com/support/imail/releases/imail_professional/im822.asp"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-2931", "datePublished": "2005-12-07T01:00:00", "dateReserved": "2005-09-15T00:00:00", "dateUpdated": "2024-08-07T22:53:29.797Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ipswitch:imail_server:8.20:*:*:*:*:*:*:*", "matchCriteriaId": "188ADF5A-00A4-4608-A9F9-EDF61CEFAA20", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEC4E630-46A4-4C8F-9D73-F8B7241F4795", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:2.01:*:*:*:*:*:*:*", "matchCriteriaId": "59B7AA85-5A6A-4D40-8ACA-26A6C2FBDACC", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Format string vulnerability in the SMTP service in IMail Server 8.20 in Ipswitch Collaboration Suite (ICS) before 2.02 allows remote attackers to execute arbitrary code via format string specifiers to the (1) EXPN, (2) MAIL, (3) MAIL FROM, and (4) RCPT TO commands."}], "id": "CVE-2005-2931", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2005-12-07T01:03:00.000", "references": [{"source": "cve@mitre.org", "url": "http://secunia.com/advisories/17863"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1015317"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.idefense.com/application/poi/display?id=346&type=vulnerabilities"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.ipswitch.com/support/imail/releases/imail_professional/im822.asp"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/15752"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2005/2782"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17863"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1015317"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.idefense.com/application/poi/display?id=346&type=vulnerabilities"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.ipswitch.com/support/imail/releases/imail_professional/im822.asp"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/15752"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2005/2782"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}