Vulnerability Details CVE-2005-2176
Novell NetMail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers to conduct web-based attacks and steal cookies.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.043
EPSS Ranking 88.3%
CVSS Severity
CVSS v2 Score 6.4
References
- http://secunia.com/advisories/15962
- http://securitytracker.com/id?1014439
- http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972340.htm
- http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972433.htm
- http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972438.htm
- http://www.osvdb.org/17821
- http://www.securityfocus.com/bid/14171
- http://www.vupen.com/english/advisories/2005/0994
- http://secunia.com/advisories/15962
- http://securitytracker.com/id?1014439
- http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972340.htm
- http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972433.htm
- http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972438.htm
- http://www.osvdb.org/17821
- http://www.securityfocus.com/bid/14171
- http://www.vupen.com/english/advisories/2005/0994
Products affected by CVE-2005-2176
-
cpe:2.3:a:novell:netmail:3.0.1
-
cpe:2.3:a:novell:netmail:3.0.3a
-
cpe:2.3:a:novell:netmail:3.1
-
cpe:2.3:a:novell:netmail:3.10
-
cpe:2.3:a:novell:netmail:3.5.2