Vulnerability Details CVE-2001-0901
Hypermail allows remote attackers to execute arbitrary commands on a server supporting SSI via an attachment with a .shtml extension, which is archived on the server and can then be executed by requesting the URL for the attachment.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.015
EPSS Ranking 80.2%
CVSS Severity
CVSS v2 Score 7.5
References
- http://marc.info/?l=bugtraq&m=100626603407639&w=2
- http://www.hypermail.org/dist/hypermail-2.1.4.tar.gz
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7576
- http://marc.info/?l=bugtraq&m=100626603407639&w=2
- http://www.hypermail.org/dist/hypermail-2.1.4.tar.gz
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7576
Products affected by CVE-2001-0901
-
cpe:2.3:a:hypermail_development:hypermail:*