290 matches found
CVE-2004-2585
Cross-site scripting XSS vulnerability in frmCompose.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote attackers to inject arbitrary web script or HTML via Javascript to the "check spelling" feature in the compose area...
CVE-2004-2587
Vulnerability summary for CVE-2004-2587: SmarterTools SmarterMail versions 1.6.1511 and 1.6.1529 are affected. The issue lies in login.aspx, where a long txtusername parameter can be used by a remote attacker to cause a denial of service (potentially via a buffer overflow).Impact is limited to av...
[SA14080] SmarterMail Attachment Upload Vulnerability
TITLE: SmarterMail Attachment Upload Vulnerability SECUNIA ADVISORY ID: SA14080 VERIFY ADVISORY: http://secunia.com/advisories/14080/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: SmarterMail http://secunia.com/product/3154/ DESCRIPTION: Soroush Dalili has...
SmarterMail Attachment Upload XSS
Binary data 2579.prm...
SmarterTools SmarterMail Attachment Upload XSS
There are flaws in the remote SmarterMail, a web mail interface. This version of SmarterMail is affected by a cross-site scripting issue. An attacker, exploiting this flaw, would be able to steal user credentials. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include 'compat.inc' ;...
CVE-2004-2583
SMTP service in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote attackers to cause a denial of service CPU consumption via a large number of simultaneous open connections to TCP port 25...
CVE-2004-2586
Directory traversal vulnerability in frmGetAttachment.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote attackers to read arbitrary files via the filename parameter...
CVE-2004-2584
frmAddfolder.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote authenticated users to create a folder that SmarterMail cannot delete or rename via a folder name with a null byte "%00". NOTE: it is not clear whether this issue poses a vulnerability...
CVE-2004-2585
Cross-site scripting XSS vulnerability in frmCompose.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote attackers to inject arbitrary web script or HTML via Javascript to the "check spelling" feature in the compose area...
CVE-2004-2587
login.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote attackers to cause a denial of service via a long txtusername parameter, possibly due to a buffer overflow...