6.4

CVE-2005-2176

Exploit
Novell NetMail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers to conduct web-based attacks and steal cookies.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
NovellNetmail Version3.0.1
NovellNetmail Version3.0.3a Updatea
NovellNetmail Version3.0.3a Updateb
NovellNetmail Version3.1
NovellNetmail Version3.1 Updatef
NovellNetmail Version3.5.2 Updatea
NovellNetmail Version3.5.2 Updateb
NovellNetmail Version3.5.2 Updatec
NovellNetmail Version3.5.2 Updatec1
NovellNetmail Version3.5.2 Updatee-ftfl
NovellNetmail Version3.10
NovellNetmail Version3.10 Updatea
NovellNetmail Version3.10 Updateb
NovellNetmail Version3.10 Updatec
NovellNetmail Version3.10 Updated
NovellNetmail Version3.10 Updatee
NovellNetmail Version3.10 Updatef
NovellNetmail Version3.10 Updateg
NovellNetmail Version3.10 Updateh
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.5% 0.877
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.4 10 4.9
AV:N/AC:L/Au:N/C:P/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/15962
Vendor Advisory
http://securitytracker.com/id?1014439
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972340.htm
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972433.htm
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972438.htm
http://www.osvdb.org/17821
http://www.securityfocus.com/bid/14171
Exploit
http://www.vupen.com/english/advisories/2005/0994