Smartermail Security Vulnerabilities and Issues — Smartermail CVE List

Lucene search

SmartertoolsSmartermail

5 matches found

CVE•added 2005/11/28 11:0 p.m.•35 views

CVE-2004-2583

SMTP service in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote attackers to cause a denial of service (CPU consumption) via a large number of simultaneous open connections to TCP port 25.

7.8CVSS7AI score0.00834EPSS

CVE•added 2005/11/28 11:0 p.m.•35 views

CVE-2004-2585

Cross-site scripting (XSS) vulnerability in frmCompose.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote attackers to inject arbitrary web script or HTML via Javascript to the "check spelling" feature in the compose area.

4.3CVSS6AI score0.00675EPSS

CVE•added 2005/11/28 11:0 p.m.•35 views

CVE-2004-2587

login.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote attackers to cause a denial of service via a long txtusername parameter, possibly due to a buffer overflow.

5CVSS7.3AI score0.00998EPSS

CVE•added 2005/11/28 11:0 p.m.•31 views

CVE-2004-2584

frmAddfolder.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote authenticated users to create a folder that SmarterMail cannot delete or rename via a folder name with a null byte ("%00"). NOTE: it is not clear whether this issue poses a vulnerability.

4CVSS6.6AI score0.00267EPSS

CVE•added 2005/11/28 11:0 p.m.•30 views

CVE-2004-2586

Directory traversal vulnerability in frmGetAttachment.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote attackers to read arbitrary files via the filename parameter.

5CVSS7.1AI score0.00834EPSS