Ipswitch IMail Server version 11.01 contain a vulnerability that could allow an authenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on the targeted system.
The vulnerability exists because the affected software does not perform sufficient boundary checks on user-supplied input whenprocessing an e-mail message. An authenticated, remote attacker could exploit the vulnerability by sending a malicious e-mail message to the affected software. Processing such malicious e-mail message could corrupt the system memory, which could be used to execute arbitrary code or cause a DoS condition.
Ipswitch has not confirmed this vulnerability and software updates are not available.