CyberSec.Space Logo
CVEブラウザに戻る

CVE-2011-3579

MEDIUM
6.4
CVSS Severity Score
EPSS Score0.1150%
EPSS Percentile6.24th
Published2011年9月30日
Last Modified2026年4月29日

Vulnerability Description

server/webmail.php in IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML external entity declaration in conjunction with an entity reference.

Affected Platforms (CPE)

📦
Icewarp

Mail Server

<= 10.3.2
📦
Icewarp

Mail Server

= 9.3.0
📦
Icewarp

Mail Server

= 9.3.1
📦
Icewarp

Mail Server

= 9.3.2
📦
Icewarp

Mail Server

= 9.4.0
📦
Icewarp

Mail Server

= 9.4.1
📦
Icewarp

Mail Server

= 9.4.2
📦
Icewarp

Mail Server

= 10.0.3
📦
Icewarp

Mail Server

= 10.0.4
📦
Icewarp

Mail Server

= 10.0.7
📦
Icewarp

Mail Server

= 10.0.8
📦
Icewarp

Mail Server

= 10.1.1
📦
Icewarp

Mail Server

= 10.1.2
📦
Icewarp

Mail Server

= 10.1.3
📦
Icewarp

Mail Server

= 10.1.4
📦
Icewarp

Mail Server

= 10.2.0
📦
Icewarp

Mail Server

= 10.2.1
📦
Icewarp

Mail Server

= 10.2.2
📦
Icewarp

Mail Server

= 10.3.0
📦
Icewarp

Mail Server

= 10.3.1

References & Advisories

🔗 http://archives.neohapsis.com/archives/bugtraq/2011-09/0145.html
🔗 http://securityreason.com/securityalert/8404
🔗 http://securitytracker.com/id?1026093
🔗 http://www.osvdb.org/75721
🔗 http://www.securityfocus.com/bid/49753
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/70025
🔗 https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt
🔗 http://archives.neohapsis.com/archives/bugtraq/2011-09/0145.html

関連する脆弱性情報

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...

CVE-2026-121895.3

A flaw has been found in Moovit Bus & Public Transit App 1.18 on Android. This affects an unknown part of the component com.tranzm...

CVE-2026-121886.3

A vulnerability was detected in Grit42 Grit up to 0.11.0. Affected by this issue is some unknown functionality of the file modules...