CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2005-1283

HIGH
7.5
CVSS Severity Score
EPSS Score0.0220%
EPSS Percentile12.63th
Published2005年4月22日
Last Modified2026年4月16日

Vulnerability Description

Multiple directory traversal vulnerabilities in Argosoft Mail Server Pro 1.8.7.6 allow remote authenticated users to (1) read arbitrary files via the UIDL parameter to the msg script or (2) copy or move the user's .eml file to arbitrary locations via the delete script, a different vulnerability than CVE-2005-0367.

Affected Platforms (CPE)

📦
Argosoft

Argosoft Mail Server

= 1.8.7.6

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=111419001527077&w=2
🔗 http://www.osvdb.org/15821
🔗 http://www.osvdb.org/15823
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/20226
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/20229
🔗 http://marc.info/?l=bugtraq&m=111419001527077&w=2
🔗 http://www.osvdb.org/15821
🔗 http://www.osvdb.org/15823

相關漏洞威脅

CVE-2005-12847.5

The addnew script in Argosoft Mail Server Pro 1.8.7.6 allows remote attackers to create arbitrary accounts, even if "Allow Creatio...

CVE-2017-152235.3

Denial-of-service vulnerability in ArGoSoft Mini Mail Server 1.0.0.2 and earlier allows remote attackers to waste CPU resources (m...

CVE-2002-10045.0

Directory traversal vulnerability in webmail feature of ArGoSoft Mail Server Plus or Pro 1.8.1.5 and earlier allows remote attacke...

CVE-2002-10055.0

ArGoSoft Mail Server 1.8.1.7 and earlier allows a webmail user to cause a denial of service (CPU consumption) by forwarding the em...