Vulnerability Details CVE-2004-1715
Directory traversal vulnerability in MIMEsweeper for Web before 5.0.4 allows remote attackers or local users to read arbitrary files via "..\\", "..\", and similar dot dot sequences in the URL.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 76.5%
CVSS Severity
CVSS v2 Score 5.0
References
- http://marc.info/?l=bugtraq&m=109224211512029&w=2
- http://marc.info/?l=bugtraq&m=109225567212978&w=2
- http://packetstormsecurity.nl/0408-exploits/clearswift.txt
- http://secunia.com/advisories/12273
- http://www.securityfocus.com/bid/10918
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16960
- http://marc.info/?l=bugtraq&m=109224211512029&w=2
- http://marc.info/?l=bugtraq&m=109225567212978&w=2
- http://packetstormsecurity.nl/0408-exploits/clearswift.txt
- http://secunia.com/advisories/12273
- http://www.securityfocus.com/bid/10918
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16960
Products affected by CVE-2004-1715
-
cpe:2.3:a:clearswift:mimesweeper_for_web:4.0
-
cpe:2.3:a:clearswift:mimesweeper_for_web:5.0.1