CyberSec.Space Logo
Back to CVE Browser

CVE-2002-1004

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.0260%
EPSS Percentile13.55th
PublishedOct 4, 2002
Last ModifiedApr 16, 2026

Vulnerability Description

Directory traversal vulnerability in webmail feature of ArGoSoft Mail Server Plus or Pro 1.8.1.5 and earlier allows remote attackers to read arbitrary files via .. (dot dot) sequences in a URL.

Affected Platforms (CPE)

πŸ“¦
Argosoft

Argosoft Mail Server

= 1.8.1.5
πŸ“¦
Argosoft

Argosoft Mail Server

= 1.8.1.5

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/bugtraq/2002-07/0029.html
πŸ”— http://www.argosoft.com/applications/mailserver/changelist.asp
πŸ”— http://www.iss.net/security_center/static/9477.php
πŸ”— http://www.securityfocus.com/bid/5144
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2002-07/0029.html
πŸ”— http://www.argosoft.com/applications/mailserver/changelist.asp
πŸ”— http://www.iss.net/security_center/static/9477.php
πŸ”— http://www.securityfocus.com/bid/5144

Related Vulnerabilities

CVE-2005-12837.5

Multiple directory traversal vulnerabilities in Argosoft Mail Server Pro 1.8.7.6 allow remote authenticated users to (1) read arbi...

CVE-2005-12847.5

The addnew script in Argosoft Mail Server Pro 1.8.7.6 allows remote attackers to create arbitrary accounts, even if "Allow Creatio...

CVE-2017-152235.3

Denial-of-service vulnerability in ArGoSoft Mini Mail Server 1.0.0.2 and earlier allows remote attackers to waste CPU resources (m...

CVE-2002-10055.0

ArGoSoft Mail Server 1.8.1.7 and earlier allows a webmail user to cause a denial of service (CPU consumption) by forwarding the em...