{"api_version":"1","generated_at":"2026-04-23T18:32:57+00:00","cve":"CVE-2005-1256","urls":{"html":"https://cve.report/CVE-2005-1256","api":"https://cve.report/api/cve/CVE-2005-1256.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2005-1256","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2005-1256"},"summary":{"title":"CVE-2005-1256","description":"Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to execute arbitrary code via a STATUS command with a long mailbox name.","state":"PUBLISHED","assigner":"mitre","published_at":"2005-05-25 04:00:00","updated_at":"2025-04-03 01:03:51"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"10","severity":"","vector":"AV:N/AC:L/Au:N/C:C/I:C/A:C","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"}}],"references":[{"url":"http://www.idefense.com/application/poi/display?id=244&type=vulnerabilities","name":"http://www.idefense.com/application/poi/display?id=244&type=vulnerabilities","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Accenture | Let there be change","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://securitytracker.com/id?1014047","name":"http://securitytracker.com/id?1014047","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityTracker.com Archives - IPswitch IMail Bugs Let Remote Users View Files and Execute Arbitrary Code","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/13727","name":"http://www.securityfocus.com/bid/13727","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Ipswitch IMail Server Multiple Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html","name":"http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"],"title":"Ipswitch, Inc. - IMail Server Patches & Upgrades","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2005-1256","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2005-1256","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2005","cve_id":"1256","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ipswitch","cpe5":"imail","cpe6":"8.13","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"1256","vulnerable":"1","versionEndIncluding":"8.2_hotfix_2","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ipswitch","cpe5":"imail_server","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"1256","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ipswitch","cpe5":"ipswitch_collaboration_suite","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T21:44:05.453Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html"},{"name":"13727","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/13727"},{"name":"1014047","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://securitytracker.com/id?1014047"},{"name":"20050524 Ipswitch IMail IMAP STATUS Remote Buffer Overflow Vulnerability","tags":["third-party-advisory","x_refsource_IDEFENSE","x_transferred"],"url":"http://www.idefense.com/application/poi/display?id=244&type=vulnerabilities"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2005-05-24T00:00:00.000Z","descriptions":[{"lang":"en","value":"Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to execute arbitrary code via a STATUS command with a long mailbox name."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2005-06-04T09:00:00.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html"},{"name":"13727","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/13727"},{"name":"1014047","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://securitytracker.com/id?1014047"},{"name":"20050524 Ipswitch IMail IMAP STATUS Remote Buffer Overflow Vulnerability","tags":["third-party-advisory","x_refsource_IDEFENSE"],"url":"http://www.idefense.com/application/poi/display?id=244&type=vulnerabilities"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2005-1256","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to execute arbitrary code via a STATUS command with a long mailbox name."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html","refsource":"CONFIRM","url":"http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html"},{"name":"13727","refsource":"BID","url":"http://www.securityfocus.com/bid/13727"},{"name":"1014047","refsource":"SECTRACK","url":"http://securitytracker.com/id?1014047"},{"name":"20050524 Ipswitch IMail IMAP STATUS Remote Buffer Overflow Vulnerability","refsource":"IDEFENSE","url":"http://www.idefense.com/application/poi/display?id=244&type=vulnerabilities"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2005-1256","datePublished":"2005-05-25T04:00:00.000Z","dateReserved":"2005-04-25T00:00:00.000Z","dateUpdated":"2024-08-07T21:44:05.453Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2005-05-25 04:00:00","lastModifiedDate":"2025-04-03 01:03:51","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":true,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ipswitch:imail:8.13:*:*:*:*:*:*:*","matchCriteriaId":"443C3EE1-1C98-40F6-93DD-F60BD0C46C2F"},{"vulnerable":true,"criteria":"cpe:2.3:a:ipswitch:imail_server:*:*:*:*:*:*:*:*","versionEndIncluding":"8.2_hotfix_2","matchCriteriaId":"D8FF3313-6C45-44C5-B093-E865AB16BAB9"},{"vulnerable":true,"criteria":"cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:*:*:*:*:*:*:*:*","matchCriteriaId":"8C28E243-026F-4252-9D80-4D69C50467D3"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2005","CveId":"1256","Ordinal":"1","Title":"CVE-2005-1256","CVE":"CVE-2005-1256","Year":"2005"},"notes":[{"CveYear":"2005","CveId":"1256","Ordinal":"1","NoteData":"Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to execute arbitrary code via a STATUS command with a long mailbox name.","Type":"Description","Title":"CVE-2005-1256"},{"CveYear":"2005","CveId":"1256","Ordinal":"2","NoteData":"2005-05-25","Type":"Other","Title":"Published"},{"CveYear":"2005","CveId":"1256","Ordinal":"3","NoteData":"2005-06-04","Type":"Other","Title":"Modified"}]}}}