Ironmail Security Vulnerabilities and Issues — Ironmail CVE List

Lucene search

CiphertrustIronmail

3 matches found

CVE•added 2006/10/16 11:7 p.m.•37 views

CVE-2006-5210

Directory traversal vulnerability in IronWebMail before 6.1.1 HotFix-17 allows remote attackers to read arbitrary files via a GET request to the IM_FILE identifier with double-url-encoded "../" sequences ("%252e%252e/").

5CVSS6.7AI score0.09306EPSS

CVE•added 2007/03/28 12:19 a.m.•34 views

CVE-2007-1723

Multiple cross-site scripting (XSS) vulnerabilities in the administration console in Secure Computing CipherTrust IronMail 6.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) network, (2) defRouterIp, (3) hostName, (4) domainName, (5) ipAddress, (6) defaultRouter, (7) dn...

6.8CVSS5.9AI score0.01517EPSS

CVE•added 2006/02/04 12:6 a.m.•29 views

CVE-2006-0538

CipherTrust IronMail 5.0.1, when "Denial of Service Protection" is enabled, allows remote attackers to cause a denial of service (possibly CPU consumption) via a SYN flood with malformed TCP packets from multiple connections.

2.6CVSS6.7AI score0.01118EPSS