Lucene search

MitreCVE-2005-1657

HistoryMay 18, 2005 - 4:00 a.m.

CVE-2005-1657

2005-05-1804:00:00

mitre

web.nvd.nist.gov

cve-2005-1657

directory traversal

mercur messaging 2005

sp2

unauthorized file operations

remote attack

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.3

Confidence

Low

EPSS

0.013

Percentile

86.3%

JSON

Multiple directory traversal vulnerabilities in Mercur Messaging 2005 SP2 allow remote attackers to perform unauthorized file operations via the Folder.Id parameter to (1) deletefolder.ctml, (2) deletemessage.ctml, (3) origmessage.ctml, or (4) readmessage.ctml, the Message.Id parameter to editmessage.ctml, or the (5) Message.Command parameter to messages.ctml.

Affected configurations

Nvd

Node

mercurmercur_messagingMatch2005_sp2

VendorProductVersionCPE
mercurmercur_messaging2005_sp2cpe:2.3:a:mercur:mercur_messaging:2005_sp2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mercur	mercur_messaging	2005_sp2	cpe:2.3:a:mercur:mercur_messaging:2005_sp2:::::::*

References

secunia.com/advisories/15234

www.osvdb.org/16220

www.osvdb.org/16221

www.osvdb.org/16222

www.osvdb.org/16223

www.osvdb.org/16224

www.osvdb.org/16225

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.3

Confidence

Low

EPSS

0.013

Percentile

86.3%

JSON

Related for CVE-2005-1657