Lucene search

[email protected]NVD:CVE-2005-0445

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-0445

2005-05-0204:00:00

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.006

Percentile

78.3%

JSON

Cross-site scripting (XSS) vulnerability in Open WebMail 2.x allows remote attackers to inject arbitrary HTML or web script via the domain name parameter (logindomain) in the login page.

Affected configurations

Nvd

Node

open_webmailopen_webmailMatch2.00

open_webmailopen_webmailMatch2.01

open_webmailopen_webmailMatch2.10

open_webmailopen_webmailMatch2.20

open_webmailopen_webmailMatch2.21

open_webmailopen_webmailMatch2.30

open_webmailopen_webmailMatch2.32

open_webmailopen_webmailMatch2.40

open_webmailopen_webmailMatch2.41

open_webmailopen_webmailMatch2.50

VendorProductVersionCPE
open_webmailopen_webmail2.00cpe:2.3:a:open_webmail:open_webmail:2.00:*:*:*:*:*:*:*
open_webmailopen_webmail2.01cpe:2.3:a:open_webmail:open_webmail:2.01:*:*:*:*:*:*:*
open_webmailopen_webmail2.10cpe:2.3:a:open_webmail:open_webmail:2.10:*:*:*:*:*:*:*
open_webmailopen_webmail2.20cpe:2.3:a:open_webmail:open_webmail:2.20:*:*:*:*:*:*:*
open_webmailopen_webmail2.21cpe:2.3:a:open_webmail:open_webmail:2.21:*:*:*:*:*:*:*
open_webmailopen_webmail2.30cpe:2.3:a:open_webmail:open_webmail:2.30:*:*:*:*:*:*:*
open_webmailopen_webmail2.32cpe:2.3:a:open_webmail:open_webmail:2.32:*:*:*:*:*:*:*
open_webmailopen_webmail2.40cpe:2.3:a:open_webmail:open_webmail:2.40:*:*:*:*:*:*:*
open_webmailopen_webmail2.41cpe:2.3:a:open_webmail:open_webmail:2.41:*:*:*:*:*:*:*
open_webmailopen_webmail2.50cpe:2.3:a:open_webmail:open_webmail:2.50:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
open_webmail	open_webmail	2.00	cpe:2.3:a:open_webmail:open_webmail:2.00:::::::*
open_webmail	open_webmail	2.01	cpe:2.3:a:open_webmail:open_webmail:2.01:::::::*
open_webmail	open_webmail	2.10	cpe:2.3:a:open_webmail:open_webmail:2.10:::::::*
open_webmail	open_webmail	2.20	cpe:2.3:a:open_webmail:open_webmail:2.20:::::::*
open_webmail	open_webmail	2.21	cpe:2.3:a:open_webmail:open_webmail:2.21:::::::*
open_webmail	open_webmail	2.30	cpe:2.3:a:open_webmail:open_webmail:2.30:::::::*
open_webmail	open_webmail	2.32	cpe:2.3:a:open_webmail:open_webmail:2.32:::::::*
open_webmail	open_webmail	2.40	cpe:2.3:a:open_webmail:open_webmail:2.40:::::::*
open_webmail	open_webmail	2.41	cpe:2.3:a:open_webmail:open_webmail:2.41:::::::*
open_webmail	open_webmail	2.50	cpe:2.3:a:open_webmail:open_webmail:2.50:::::::*

References

secunia.com/advisories/14253

securitytracker.com/id?1013172

turtle.ee.ncku.edu.tw/openwebmail/doc/changes.txt

turtle.ee.ncku.edu.tw/openwebmail/download/cert/patches/SA-05:01/2.5x.patch

www.securityfocus.com/bid/12547

exchange.xforce.ibmcloud.com/vulnerabilities/19335

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.006

Percentile

78.3%

JSON

Related for NVD:CVE-2005-0445

nessus1 cvelist1 openvas2 cve1