| ID |
CVE-2005-3691
|
| Summary |
Directory traversal vulnerability in the IMAP service (meimaps.exe) of MailEnable Professional 1.6 and earlier and Enterprise 1.1 and earlier allows remote attackers to create or rename arbitrary mail directories via the mailbox name argument of the (1) create or (2) rename commands. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.00:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.00:*:*:*:*:*:*:*
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.01:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.01:*:*:*:*:*:*:*
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.1:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.1:*:*:*:*:*:*:*
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.02:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.02:*:*:*:*:*:*:*
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.03:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.03:*:*:*:*:*:*:*
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.04:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_enterprise:1.04:*:*:*:*:*:*:*
-
cpe:2.3:a:mailenable:mailenable_professional:*:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:*:*:*:*:*:*:*:*
|
| CVSS |
| Base: | 5.0 (as of 08-03-2011 - 02:26) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
LOW |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| NONE |
PARTIAL |
NONE |
|
| cvss-vector
via4
|
AV:N/AC:L/Au:N/C:N/I:P/A:N
|
| refmap
via4
|
|
| Last major update |
08-03-2011 - 02:26 |
| Published |
19-11-2005 - 01:03 |
| Last modified |
08-03-2011 - 02:26 |
