Lucene search

K
cve[email protected]CVE-2005-1491
HistoryMay 11, 2005 - 4:00 a.m.

CVE-2005-1491

2005-05-1104:00:00
NVD-CWE-Other
web.nvd.nist.gov
18
cve-2005-1491
merak mail server
icewarp web mail
remote authentication
directory traversal
file manipulation

7.2 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

59.0%

Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2 allows remote authenticated users to (1) move their home directory via viewaction.html or (2) move arbitrary files via the importfile parameter to importaction.html.

7.2 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

59.0%