Lucene search

K

MitreCVELIST:CVE-2006-0817

HistoryJul 18, 2006 - 11:00 p.m.

CVE-2006-0817

2006-07-1823:00:00

mitre

www.cve.org

3

AI Score

6.7

Confidence

Low

EPSS

0.115

Percentile

95.3%

Absolute path directory traversal vulnerability in (a) MERAK Mail Server for Windows 8.3.8r with before IceWarp Web Mail 5.6.1 and (b) VisNetic MailServer before 8.5.0.5 allows remote attackers to include arbitrary files via a full Windows path and drive letter in the (1) language parameter in accounts/inc/include.php and (2) lang_settings parameter in admin/inc/include.php, which is not properly sanitized by the securepath function, a related issue to CVE-2005-4556.

References

secunia.com/advisories/18953

secunia.com/advisories/18966

secunia.com/secunia_research/2006-12/advisory/

secunia.com/secunia_research/2006-14/advisory/

securitytracker.com/id?1016513

securitytracker.com/id?1016514

www.osvdb.org/27328

www.securityfocus.com/archive/1/440297/100/0/threaded

www.securityfocus.com/archive/1/440302/100/0/threaded

www.securityfocus.com/bid/19002

www.securityfocus.com/bid/19007

www.vupen.com/english/advisories/2006/2825

www.vupen.com/english/advisories/2006/2826

exchange.xforce.ibmcloud.com/vulnerabilities/27773

AI Score

6.7

Confidence

Low

EPSS

0.115

Percentile

95.3%

Related for CVELIST:CVE-2006-0817

prion1 cve2 nvd2 exploitdb2 cvelist1 securityvulns2 nessus2 openvas2