ID |
CVE-2005-1283
|
Summary |
Multiple directory traversal vulnerabilities in Argosoft Mail Server Pro 1.8.7.6 allow remote authenticated users to (1) read arbitrary files via the UIDL parameter to the msg script or (2) copy or move the user's .eml file to arbitrary locations via the delete script, a different vulnerability than CVE-2005-0367. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 7.5 (as of 11-07-2017 - 01:32) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
PARTIAL |
PARTIAL |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
refmap
via4
|
bugtraq | 20050422 Multiple vulnerabilities in Argosoft Mail Server 1.8.7.6 | osvdb | | xf | - argosoft-mail-server-dir-traversal(20229)
- argosoft-mail-server-eml-files-dir-traversal(20226)
|
|
Last major update |
11-07-2017 - 01:32 |
Published |
22-04-2005 - 04:00 |
Last modified |
11-07-2017 - 01:32 |