iDefense Security Advisory 03.07.07 – Remote exploitation of several ActiveX control buffer overflow vulnerabilities in Ipswitch Inc.’s IMail Server 2006 could allow attackers to execute arbitrary code with the credentials of the user visiting a malicious website. Multiple stack and heap based buffer overflows caused be unsafe strcpy and wsprintf calls could corrupt memory in a way that leads to code execution. iDefense has confirmed this vulnerability in IMail Server 2006.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/54952/03.07.07.txt
Source: https://packetstormsecurity.com/files/54952/iDEFENSE-Security-Advisory-2007-03-07.t.html