CVE-2005-1283

medium

Description

Multiple directory traversal vulnerabilities in Argosoft Mail Server Pro 1.8.7.6 allow remote authenticated users to (1) read arbitrary files via the UIDL parameter to the msg script or (2) copy or move the user's .eml file to arbitrary locations via the delete script, a different vulnerability than CVE-2005-0367.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/20229

https://exchange.xforce.ibmcloud.com/vulnerabilities/20226

http://www.osvdb.org/15823

http://www.osvdb.org/15821

http://marc.info/?l=bugtraq&m=111419001527077&w=2

Details

Source: Mitre, NVD

Published: 2005-04-22

Updated: 2017-07-11

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Severity: Medium