CVE-2007-5094

Name: CVE-2007-5094
Creator: NVD / NIST
Published: 2007-09-26T22:17:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 4.36%

Last modified Jun 16, 2026

CVE-2007-5094 is a vulnerability of currently unknown severity. Heap-based buffer overflow in iaspam.dll in the SMTP Server in Ipswitch IMail Server 8.01 through 8.11 allows remote attackers to execute arbitrary code via a set of four different e-mail messages with a long boundary parameter in a certain malformed Content-Type header line, the string "MIME" by itself on a line in the header, and a long Content-Transfer-Encoding header line.. EPSS estimates a 4.36% chance of exploitation in the next 30 days.

Description

Heap-based buffer overflow in iaspam.dll in the SMTP Server in Ipswitch IMail Server 8.01 through 8.11 allows remote attackers to execute arbitrary code via a set of four different e-mail messages with a long boundary parameter in a certain malformed Content-Type header line, the string "MIME" by itself on a line in the header, and a long Content-Transfer-Encoding header line.

Metrics

EPSS Probability

4.36%

90.0th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-119

Affected Software

Vendor	Product	Versions
Ipswitch	Imail	8.0.3
Ipswitch	Imail	8.0.5
Ipswitch	Imail	8.1
Ipswitch	Imail	8.01
Ipswitch	Imail	8.11

References

Timeline

Published: Sep 26, 2007
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2007-5094?

How severe is CVE-2007-5094?

Severity scoring for CVE-2007-5094 is pending analysis. The EPSS model estimates a 4.36% probability of exploitation in the next 30 days.

How do I fix CVE-2007-5094?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2007-5094?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST