CVE-2004-1670 in Web Mailinfo

Summary

Multiple directory traversal vulnerabilities Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7, and possibly other versions, allow remote attackers to (1) create arbitrary directories via a .. (dot dot) in the user parameter to viewaction.html or (2) rename arbitrary files via a ....// (doubled dot dot) in the folderold or folder parameters to folders.html.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

02/21/2005

Disclosure

09/10/2004

Moderation

VulDB entry created

Entries

1: VDB-22205

CPE

ready

CWE

CWE-22 (Confirmed)

CVSS

7.3

EPSS

0.01031

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2004-1670
NVD	https://nvd.nist.gov/vuln/detail/CVE-2004-1670
CVE Details	https://www.cvedetails.com/cve/CVE-2004-1670/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!