CVE Vulnerabilities

CVE-2005-1252

Published: May 25, 2005 | Modified: Nov 15, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

Directory traversal vulnerability in the Web Calendaring server in Ipswitch Imail 8.13, and other versions before IMail Server 8.2 Hotfix 2, allows remote attackers to read arbitrary files via .. (dot dot backslash) sequences in the query string argument in a GET request to a non-existent .jsp file.

Affected Software

Name Vendor Start Version End Version
Imail Ipswitch 8.13 (including) 8.13 (including)
Imail_server Ipswitch * 8.2_hotfix_2 (including)

References