Check Point Advisories

Preemptive Protection against Microsoft Exchange IMAP Literals Remote Code Execution Vulnerability (MS07-026)

Check Point Reference: CPAI-2007-057
Date Published: 10 May 2007
Severity: Critical
Last Updated: Monday 01 January, 2007
Source: Microsoft Security Bulletin MS07-026
Industry Reference:


Protection Provided by:
Who is Vulnerable? Microsoft Exchange Server 2007
Microsoft Exchange Server 2003 SP1
Microsoft Exchange Server 2003 SP2
Microsoft Exchange 2000 Server SP3 with the Exchange 2000 Post-SP3 Update Rollup of August 2004
Vulnerability Description A denial of service vulnerability exists in Microsoft Exchange Server. Microsoft Exchange Server is a mail server product that supports various email access and exchange protocols, including the Internet Message Access Protocol (IMAP). IMAP is a standard protocol for accessing e-mail from a local server that provides management of received messages on a remote server. A remote attacker can exploit this issue to trigger denial of service which may cause the application to stop responding and to arbitrary code execution.
Update/Patch AvaliableApply patches:
Microsoft Security Bulletin MS07-026
Vulnerability DetailsThe vulnerability is due to an error when processing an invalid IMAP command that contains overly long verb literals. A remote attacker can exploit this flaw by appending verbs to an IMAP command to specify a command continuation request. Successful exploitation may allow an attacker to create a denial of service condition or execute arbitrary code on an affected system.

Protection Overview

This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.