3473 matches found
CVE-2001-1547
Outlook Express 6.0, with "Do not allow attachments to be saved or opened that could potentially be a virus" enabled, does not block email attachments from forwarded messages, which could allow remote attackers to execute arbitrary code...
[SA15962] Novell Netmail Script Insertion Vulnerability
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
eRoomVuln.txt
/ $ An open security advisory 9 - eRoom v6. Vulnerabilities 1: Bug Researcher: c0ntex - c0ntexbatgmail.com 2: Bug Released: July 06 2005 3: Bug Impact Rate: Medium / Hi 4: Bug Scope Rate: Remote $ This advisory and/or proof of concept code must not be used for commercial gain. Documentum eRoom...
GLSA-200506-21 : Trac: File upload vulnerability
The remote host is affected by the vulnerability described in GLSA-200506-21 Trac: File upload vulnerability Stefan Esser of the Hardened-PHP project discovered that Trac fails to validate the 'id' parameter when uploading attachments to the wiki or the bug tracking system. Impact : A remote...
CVE-2002-1711
CVE-2002-1711 affects BasiliX Webmail 1.1.0. The vulnerability is that attachments are saved in a world-readable, insecure "/tmp/BasiliX" directory, allowing a local attacker to read other users’ attachments. Documentation confirms BasiliX 1.1.0 stores attachments publicly on the host and that th...
CVE-2002-1711
BasiliX 1.1.0 saves attachments in a world readable /tmp/BasiliX directory, which allows local users to read other users' attachments...
CVE-2002-1741
Directory traversal vulnerability in WorldClient.cgi in WorldClient for Alt-N Technologies MDaemon 5.0.5.0 and earlier allows local users to delete arbitrary files via a ".." dot dot in the Attachments parameter...
Microsoft Step-By-Step Interactive Training Bookmark Link Buffer Overflow Vulnerability
Description Microsoft Step-By-Step Interactive Training is prone to a buffer overflow vulnerability. This is due to a boundary condition error related to validation of data in bookmark link files. As bookmark link files may originate from an external source, this issue may be remotely exploitable...
[SA15558] I-Man File Attachments Upload Vulnerability
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
Sun JavaMail 1.x - Multiple Information Disclosure Vulnerabilities
Sun JavaMail 1.x - Multiple Information Disclosure Vulnerabilities source: https://www.securityfocus.com/bid/13753/info Sun JavaMail is prone to multiple information disclosure vulnerabilities. The issues exist due to a lack of sufficient input sanitization performed on user-supplied requests. Th...
Sun JavaMail 1.x - Multiple Information Disclosure Vulnerabilities
source: https://www.securityfocus.com/bid/13753/info Sun JavaMail is prone to multiple information disclosure vulnerabilities. The issues exist due to a lack of sufficient input sanitization performed on user-supplied requests. The following issues are reported: A remote attacker may reveal the...
Kerio MailServer < 6.0.10 Multiple Mail Handling DoS
According to its banner, the remote host is running a version of Kerio MailServer prior to 6.0.10. In those versions, crashes can occur when downloading certain email messages in IMAP or Outlook with Kerio Outlook Connector KOC or, under Linux, when parsing email messages with multiple embedded...
security flaw
Evolution 2.0.3 allows remote attackers to cause a denial of service application crash or hang via crafted messages, possibly involving charsets in attachment filenames...
CVE-2005-1439
Directory traversal vulnerability in attachments.php in osTicket allows remote attackers to read arbitrary files via .. sequences in the file parameter...
CVE-2005-1439
Directory traversal vulnerability in attachments.php in osTicket allows remote attackers to read arbitrary files via .. sequences in the file parameter...
PT-2005-2435 · Osticket · Osticket
Name of the Vulnerable Software and Affected Versions: osTicket affected versions not specified Description: A directory traversal issue exists in the attachments.php file of osTicket, allowing remote attackers to read arbitrary files by using .. sequences in the file parameter of the...
CVE-2005-0926
Buffer overflow in Sylpheed before 1.0.4 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via attachments with MIME-encoded file names...
CVE-2005-1129
eGroupWare 1.0.6 and earlier, when an e-mail is composed with an attachment but not sent, will send that attachment in the next e-mail, which may cause sensitive information to be sent to the wrong recipient...
CVE-2005-0142
Firefox 0.9, Thunderbird 0.6 and other versions before 0.9, and Mozilla 1.7 before 1.7.5 save temporary files with world-readable permissions, which allows local users to read certain web content or attachments that belong to other users, e.g. content that is managed by helper applications such a...
CVE-2005-0142
Firefox 0.9, Thunderbird 0.6 and other versions before 0.9, and Mozilla 1.7 before 1.7.5 save temporary files with world-readable permissions, which allows local users to read certain web content or attachments that belong to other users, e.g. content that is managed by helper applications such a...