CyberSec.Space Logo
Back to CVE Browser

CVE-2004-0337

MEDIUM
6.8
CVSS Severity Score
EPSS Score0.0950%
EPSS Percentile39.19th
PublishedNov 23, 2004
Last ModifiedApr 16, 2026

Vulnerability Description

Cross-site scripting (XSS) vulnerability in LAN SUITE Web Mail 602Pro allows remote attackers to execute arbitrary script or HTML as other users via a URL to index.html, followed by a / (slash) and the desired script. NOTE: the vendor states that this bug could not be reproduced, so this issue may be REJECTed in the future.

Affected Platforms (CPE)

πŸ“¦
Software602

602pro Lan Suite

= 2002
πŸ“¦
Software602

602pro Lan Suite

= 2003

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/bugtraq/2004-03/0096.html
πŸ”— http://marc.info/?l=bugtraq&m=107799540630302&w=2
πŸ”— http://www.securityfocus.com/bid/9777
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/15351
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2004-03/0096.html
πŸ”— http://marc.info/?l=bugtraq&m=107799540630302&w=2
πŸ”— http://www.securityfocus.com/bid/9777
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/15351

Related Vulnerabilities

CVE-2000-11157.5

Buffer overflow in remote web administration component (webprox.dll) of 602Pro LAN SUITE before 2000.0.1.33 allows remote attacker...

CVE-2001-04477.5

Web configuration server in 602Pro LAN SUITE allows remote attackers to cause a denial of service, and possibly execute arbitrary ...

CVE-2007-32037.5

Stack-based buffer overflow in smtpdll.dll in the SMTP service in 602Pro LAN SUITE 2003 2003.0.03.0828 allows remote attackers to ...

CVE-2002-19285.0

602Pro LAN SUITE 2002 allows remote attackers to view the directory tree via an HTTP GET request with a trailing "~" (tilde) or "....