CVE Vulnerabilities

CVE-2004-1672

Published: Oct 12, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

attachment.html in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allows remote attackers to view other users attachments by specifying the username and message ID in an HTTP request.

Affected Software

Name Vendor Start Version End Version
Web_mail Icewarp 3.3.2 (including) 3.3.2 (including)
Web_mail Icewarp 5.2.7 (including) 5.2.7 (including)
Web_mail Icewarp 5.2.8 (including) 5.2.8 (including)

References