CVE-2005-3691

Sažetak

Directory traversal vulnerability in the IMAP service (meimaps.exe) of MailEnable Professional 1.6 and earlier and Enterprise 1.1 and earlier allows remote attackers to create or rename arbitrary mail directories via the mailbox name argument of the (1) create or (2) rename commands.

Reference

http://secunia.com/advisories/17633
http://secunia.com/secunia_research/2005-59/advisory/
http://securitytracker.com/id?1015239
http://www.mailenable.com/hotfix/
http://www.securityfocus.com/bid/15494
http://www.vupen.com/english/advisories/2005/2484

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

08-03-2011 - 02:26

Objavljeno

19-11-2005 - 01:03