KLA10399
Multiple vulnerabilities in Winmail
Обновлено: 17/06/2019
Дата обнаружения
21/11/2005
Уровень угрозы
Critical
Описание

Multiple serious vulnerabilities have been found in Winmail Server. Malicious users can exploit these vulnerabilities to inject scripts or overwrite local files. Below is a complete list of vulnerabilities

  1. A directory traversal can be exploited remotely via a side parameter;
  2. An XSS vulnerability can be exploited remotely via a retid parameter or specially designed e-mail messages.
Пораженные продукты

AMAX Magic Winmail Server versions 4.2 and earlier

Решение

Update to latest version

Оказываемое влияние
?
CI 
[?]

WLF 
[?]
Связанные продукты
Winmail Server
CVE-IDS
CVE-2005-38115.0Critical
CVE-2005-36924.3Warning