CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
High
EPSS
Percentile
88.1%
Multiple directory traversal vulnerabilities in (1) EPSTIMAP4S.EXE and (2) SPA-IMAP4S.EXE in the IMAP service in E-Post Mail 4.05 and SPA-PRO Mail 4.05 allow remote attackers to (a) list arbitrary directories or cause a denial of service via the LIST command; or create arbitrary files via the (b) APPEND, © COPY, or (d) RENAME commands.
Vendor | Product | Version | CPE |
---|---|---|---|
e-post_corporation | mail_server | 4.05 | cpe:2.3:a:e-post_corporation:mail_server:4.05:*:*:*:*:*:*:* |
e-post_corporation | spa-pro_mail_atsolomon | 4.05 | cpe:2.3:a:e-post_corporation:spa-pro_mail_atsolomon:4.05:*:*:*:*:*:*:* |