Vulnerability Details CVE-2004-2584
frmAddfolder.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote authenticated users to create a folder that SmarterMail cannot delete or rename via a folder name with a null byte ("%00"). NOTE: it is not clear whether this issue poses a vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.1%
CVSS Severity
CVSS v2 Score 4.0
References
- http://members.lycos.co.uk/r34ct/main/smarter_mail%203.1/smarter_mail.txt
- http://www.zone-h.org/advisories/read/id=4098
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15392
- http://members.lycos.co.uk/r34ct/main/smarter_mail%203.1/smarter_mail.txt
- http://www.zone-h.org/advisories/read/id=4098
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15392
Products affected by CVE-2004-2584
-
cpe:2.3:a:smartertools:smartermail:1.6.1511
-
cpe:2.3:a:smartertools:smartermail:1.6.1529