Ipswitch Instant Messaging : Security vulnerabilities, CVEs

Copy

CVE-2008-0946

Directory traversal vulnerability in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to create arbitrary empty files via a .. (dot dot) in the recipient field.

Max CVSS

4.9

EPSS Score

1.05%

Published

2008-02-25

Updated

2018-10-15

CVE-2008-0945

Format string vulnerability in the logging function in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in an IP address field.

Max CVSS

3.5

EPSS Score

1.32%

Published

2008-02-25

Updated

2018-10-15

CVE-2008-0944

Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote attackers to cause a denial of service (NULL dereference and application crash) via a version field containing zero.

Max CVSS

5.0

EPSS Score

14.69%

Published

2008-02-25

Updated

2018-10-15

3 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!