CVE-2005-1283

Sažetak

Multiple directory traversal vulnerabilities in Argosoft Mail Server Pro 1.8.7.6 allow remote authenticated users to (1) read arbitrary files via the UIDL parameter to the msg script or (2) copy or move the user's .eml file to arbitrary locations via the delete script, a different vulnerability than CVE-2005-0367.

Reference

http://marc.info/?l=bugtraq&m=111419001527077&w=2
http://www.osvdb.org/15821
http://www.osvdb.org/15823
https://exchange.xforce.ibmcloud.com/vulnerabilities/20226
https://exchange.xforce.ibmcloud.com/vulnerabilities/20229

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

11-07-2017 - 01:32

Objavljeno

22-04-2005 - 04:00