Vulnerability Details CVE-2005-3691
Directory traversal vulnerability in the IMAP service (meimaps.exe) of MailEnable Professional 1.6 and earlier and Enterprise 1.1 and earlier allows remote attackers to create or rename arbitrary mail directories via the mailbox name argument of the (1) create or (2) rename commands.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.041
EPSS Ranking 88.0%
CVSS Severity
CVSS v2 Score 5.0
References
- http://secunia.com/advisories/17633
- http://secunia.com/secunia_research/2005-59/advisory/
- http://securitytracker.com/id?1015239
- http://www.mailenable.com/hotfix/
- http://www.securityfocus.com/bid/15494
- http://www.vupen.com/english/advisories/2005/2484
- http://secunia.com/advisories/17633
- http://secunia.com/secunia_research/2005-59/advisory/
- http://securitytracker.com/id?1015239
- http://www.mailenable.com/hotfix/
- http://www.securityfocus.com/bid/15494
- http://www.vupen.com/english/advisories/2005/2484
Products affected by CVE-2005-3691
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.00
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.01
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.02
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.03
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.04
-
cpe:2.3:a:mailenable:mailenable_enterprise:1.1
-
cpe:2.3:a:mailenable:mailenable_professional:*