Lucene search

[email protected]CVE-2006-0611

HistoryFeb 09, 2006 - 12:02 a.m.

CVE-2006-0611

2006-02-0900:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-0611

directory traversal

@mail 4.3

windows

remote attack

upload vulnerability

7.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.007 Low

EPSS

Percentile

79.4%

JSON

Directory traversal vulnerability in compose.pl in @Mail 4.3 and earlier for Windows allows remote attackers to upload arbitrary files to arbitrary locations via a … (dot dot) in the unique parameter.

CPENameOperatorVersion
atmail:atmailatmaileq4.3

CPE	Name	Operator	Version
atmail:atmail	atmail	eq	4.3

References

kb.atmail.com/view_article.php?num=374

secunia.com/advisories/18646

www.osvdb.org/22882

www.securityfocus.com/bid/16470

www.vupen.com/english/advisories/2006/0415

exchange.xforce.ibmcloud.com/vulnerabilities/24459

7.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.007 Low

EPSS

Percentile

79.4%

JSON

Related for CVE-2006-0611

prion1