CVE-2004-2284

2005-07-1904:00:00

mitre

www.cve.org

7.6 High

AI Score

Confidence

High

0.024 Low

EPSS

Percentile

89.9%

JSON

The read_list_from_file function in vacation.pl for OpenWebmail before 2.32 20040629 allows remote attackers to execute arbitrary commands via shell metacharacters in a filename argument.

References

openwebmail.org/openwebmail/download/cert/advisories/SA-04:04.txt

secunia.com/advisories/12017

securitytracker.com/id?1010605

www.osvdb.org/7474

www.securityfocus.com/bid/10637

exchange.xforce.ibmcloud.com/vulnerabilities/16549