CyberSec.Space Logo
返回 CVE 浏览器

CVE-2004-2446

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.1070%
EPSS Percentile14.17th
Published2004年12月31日
Last Modified2026年4月16日

Vulnerability Description

Directory traversal vulnerability in 1st Class Mail Server 4.01 allows remote attackers to read arbitrary files via a ".." (dot dot) sequences in unknown vectors.

Affected Platforms (CPE)

📦
1st Class Internet Solutions

1st Class Mail Server

= 4.01

References & Advisories

🔗 http://members.lycos.co.uk/r34ct/main/1st%20Class%20mail%20server%204.01.txt
🔗 http://secunia.com/advisories/11330
🔗 http://securitytracker.com/alerts/2004/Apr/1009705.html
🔗 http://www.osvdb.org/5011
🔗 http://www.securityfocus.com/bid/10089
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/15812
🔗 http://members.lycos.co.uk/r34ct/main/1st%20Class%20mail%20server%204.01.txt
🔗 http://secunia.com/advisories/11330

相关漏洞威胁

CVE-2004-23757.5

Buffer overflow in the POP3 server in 1st Class Mail Server 4.0 allows remote attackers to cause a denial of service (crash) and p...

CVE-2004-24474.3

Cross-site scripting (XSS) vulnerability in 1st Class Mail Server 4.01 allows remote attackers to inject arbitrary web script or H...

CVE-2004-041810.0

serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow ...

CVE-2004-105010.0

Heap-based buffer overflow in Internet Explorer 6 allows remote attackers to execute arbitrary code via long (1) SRC or (2) NAME a...