CVE-2004-2584

Sažetak

frmAddfolder.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote authenticated users to create a folder that SmarterMail cannot delete or rename via a folder name with a null byte ("%00"). NOTE: it is not clear whether this issue poses a vulnerability.

Reference

http://members.lycos.co.uk/r34ct/main/smarter_mail%203.1/smarter_mail.txt
http://www.zone-h.org/advisories/read/id=4098
https://exchange.xforce.ibmcloud.com/vulnerabilities/15392

CVSS

Base:	4.0
Impact:	2.9
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:L/Au:S/C:N/I:P/A:N

Zadnje važnije ažuriranje

11-07-2017 - 01:32

Objavljeno

31-12-2004 - 05:00