3 matches found
CVE-2006-5210
Summary: CVE-2006-5210 is a directory traversal vulnerability in IronWebMail (IronMail appliance) prior to 6.1.1 HotFix-17. An unauthenticated attacker can read arbitrary files by crafting a request to the IM_FILE identifier with double-url-encoded sequences (e.g., %252e%252e/). Affected software...
CVE-2007-1723
CVE-2007-1723 describes multiple cross-site scripting (XSS) vulnerabilities in the administration console of Secure Computing CipherTrust IronMail 6.1.1. The flaws allow remote attackers to inject arbitrary script/HTML through a large set of parameters across several admin pages (e.g., admin/syst...
CVE-2006-0538
CVE-2006-0538 affects CipherTrust IronMail 5.0.1. When Denial of Service Protection is enabled, remote attackers can trigger a denial of service (potential CPU consumption) via a SYN flood using malformed TCP packets from multiple connections. The provided documents do not specify exploit details...