7.5

CVE-2005-0313

EPSS 8.79%
Veröffentlicht 27.01.2005 05:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Multiple directory traversal vulnerabilities in Magic Winmail Server 4.0 Build 1112 allow remote attackers to (1) upload arbitrary files via certain parameters to upload.php or (2) read arbitrary files via certain parameters to download.php, and remote authenticated users to read, create, or delete arbitrary directories and files via the IMAP commands (3) CREATE, (4) EXAMINE, (5) SELECT, or (6) DELETE.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Amax Information Technologies ≫ Magic Winmail Server Version4.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	8.79%	0.921

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://marc.info/?l=bugtraq&m=110685011825461&w=2

http://secunia.com/advisories/14053

http://securitytracker.com/id?1013017

http://www.securityfocus.com/bid/12388

Patch

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/19108

https://exchange.xforce.ibmcloud.com/vulnerabilities/19114

https://nvd.nist.gov/vuln/detail/CVE-2005-0313

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-0313

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-0313

EUVD