Lucene search
+L

3473 matches found

Cvelist
Cvelist
added 2005/07/14 4:0 a.m.25 views

CVE-2001-1547

Outlook Express 6.0, with "Do not allow attachments to be saved or opened that could potentially be a virus" enabled, does not block email attachments from forwarded messages, which could allow remote attackers to execute arbitrary code...

7.4AI score0.13737EPSS
Exploits0References3
securityvulns
securityvulns
added 2005/07/09 12:0 a.m.27 views

[SA15962] Novell Netmail Script Insertion Vulnerability

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2005/07/07 12:0 a.m.34 views

eRoomVuln.txt

/ $ An open security advisory 9 - eRoom v6. Vulnerabilities 1: Bug Researcher: c0ntex - c0ntexbatgmail.com 2: Bug Released: July 06 2005 3: Bug Impact Rate: Medium / Hi 4: Bug Scope Rate: Remote $ This advisory and/or proof of concept code must not be used for commercial gain. Documentum eRoom...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/06/23 12:0 a.m.16 views

GLSA-200506-21 : Trac: File upload vulnerability

The remote host is affected by the vulnerability described in GLSA-200506-21 Trac: File upload vulnerability Stefan Esser of the Hardened-PHP project discovered that Trac fails to validate the 'id' parameter when uploading attachments to the wiki or the bug tracking system. Impact : A remote...

6.1AI score
Exploits0References2
CVE
CVE
added 2005/06/21 4:0 a.m.51 views

CVE-2002-1711

CVE-2002-1711 affects BasiliX Webmail 1.1.0. The vulnerability is that attachments are saved in a world-readable, insecure "/tmp/BasiliX" directory, allowing a local attacker to read other users’ attachments. Documentation confirms BasiliX 1.1.0 stores attachments publicly on the host and that th...

2.1CVSS6.1AI score0.00349EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2005/06/21 4:0 a.m.30 views

CVE-2002-1711

BasiliX 1.1.0 saves attachments in a world readable /tmp/BasiliX directory, which allows local users to read other users' attachments...

7.3AI score0.00349EPSS
Exploits0References4
Cvelist
Cvelist
added 2005/06/21 4:0 a.m.25 views

CVE-2002-1741

Directory traversal vulnerability in WorldClient.cgi in WorldClient for Alt-N Technologies MDaemon 5.0.5.0 and earlier allows local users to delete arbitrary files via a ".." dot dot in the Attachments parameter...

6.4AI score0.01084EPSS
Exploits1References3
Symantec
Symantec
added 2005/06/14 12:0 a.m.26 views

Microsoft Step-By-Step Interactive Training Bookmark Link Buffer Overflow Vulnerability

Description Microsoft Step-By-Step Interactive Training is prone to a buffer overflow vulnerability. This is due to a boundary condition error related to validation of data in bookmark link files. As bookmark link files may originate from an external source, this issue may be remotely exploitable...

2.2AI score
Exploits0References2
securityvulns
securityvulns
added 2005/06/01 12:0 a.m.38 views

[SA15558] I-Man File Attachments Upload Vulnerability

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

0.9AI score
Exploits0
exploitpack
exploitpack
added 2005/05/24 12:0 a.m.11 views

Sun JavaMail 1.x - Multiple Information Disclosure Vulnerabilities

Sun JavaMail 1.x - Multiple Information Disclosure Vulnerabilities source: https://www.securityfocus.com/bid/13753/info Sun JavaMail is prone to multiple information disclosure vulnerabilities. The issues exist due to a lack of sufficient input sanitization performed on user-supplied requests. Th...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2005/05/24 12:0 a.m.24 views

Sun JavaMail 1.x - Multiple Information Disclosure Vulnerabilities

source: https://www.securityfocus.com/bid/13753/info Sun JavaMail is prone to multiple information disclosure vulnerabilities. The issues exist due to a lack of sufficient input sanitization performed on user-supplied requests. The following issues are reported: A remote attacker may reveal the...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/05/14 12:0 a.m.25 views

Kerio MailServer < 6.0.10 Multiple Mail Handling DoS

According to its banner, the remote host is running a version of Kerio MailServer prior to 6.0.10. In those versions, crashes can occur when downloading certain email messages in IMAP or Outlook with Kerio Outlook Connector KOC or, under Linux, when parsing email messages with multiple embedded...

5.5AI score
Exploits0References1
RedHat Linux
RedHat Linux
added 2005/05/04 3:5 p.m.4 views

security flaw

Evolution 2.0.3 allows remote attackers to cause a denial of service application crash or hang via crafted messages, possibly involving charsets in attachment filenames...

5CVSS5.9AI score0.0166EPSS
Exploits0References4
Cvelist
Cvelist
added 2005/05/03 4:0 a.m.18 views

CVE-2005-1439

Directory traversal vulnerability in attachments.php in osTicket allows remote attackers to read arbitrary files via .. sequences in the file parameter...

6.5AI score0.0172EPSS
Exploits0References3
NVD
NVD
added 2005/05/03 4:0 a.m.15 views

CVE-2005-1439

Directory traversal vulnerability in attachments.php in osTicket allows remote attackers to read arbitrary files via .. sequences in the file parameter...

7.5CVSS6.5AI score0.0172EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2005/05/03 12:0 a.m.8 views

PT-2005-2435 · Osticket · Osticket

Name of the Vulnerable Software and Affected Versions: osTicket affected versions not specified Description: A directory traversal issue exists in the attachments.php file of osTicket, allowing remote attackers to read arbitrary files by using .. sequences in the file parameter of the...

7.5CVSS7.1AI score0.0172EPSS
Exploits0References5
OSV
OSV
added 2005/05/02 4:0 a.m.12 views

CVE-2005-0926

Buffer overflow in Sylpheed before 1.0.4 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via attachments with MIME-encoded file names...

8.2AI score
Exploits0References1
NVD
NVD
added 2005/05/02 4:0 a.m.13 views

CVE-2005-1129

eGroupWare 1.0.6 and earlier, when an e-mail is composed with an attachment but not sent, will send that attachment in the next e-mail, which may cause sensitive information to be sent to the wrong recipient...

2.1CVSS6.1AI score0.0037EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2005/05/02 4:0 a.m.28 views

CVE-2005-0142

Firefox 0.9, Thunderbird 0.6 and other versions before 0.9, and Mozilla 1.7 before 1.7.5 save temporary files with world-readable permissions, which allows local users to read certain web content or attachments that belong to other users, e.g. content that is managed by helper applications such a...

2.1CVSS5.9AI score0.00302EPSS
Exploits0References2
NVD
NVD
added 2005/05/02 4:0 a.m.19 views

CVE-2005-0142

Firefox 0.9, Thunderbird 0.6 and other versions before 0.9, and Mozilla 1.7 before 1.7.5 save temporary files with world-readable permissions, which allows local users to read certain web content or attachments that belong to other users, e.g. content that is managed by helper applications such a...

2.1CVSS6.2AI score0.00302EPSS
Exploits0References9
Rows per page
Query Builder