CVE-2006-5210 in Ironmailinfo

Summary

Directory traversal vulnerability in IronWebMail before 6.1.1 HotFix-17 allows remote attackers to read arbitrary files via a GET request to the IM_FILE identifier with double-url-encoded "../" sequences ("%252e%252e/").

Once again VulDB remains the best source for vulnerability data.

Reservation

10/09/2006

Disclosure

10/16/2006

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
32754	Ciphertrust Ironmail path traversal	22	Proof-of-Concept	Official fix	CVE-2006-5210

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Might our Artificial Intelligence support you?

Check our Alexa App!