CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-4951

Neon WebMail for Java before 5.08 allows remote attackers to execute arbitrary Java (JSP) code by sending an e-mail message with a JSP file attachment, which is stored under the web root with a predictable filename.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.012

EPSS Ranking 78.4%

CVSS Severity

CVSS v2 Score 7.5

References

http://secunia.com/advisories/22029
http://vuln.sg/neonmail506-en.html
http://www.securityfocus.com/bid/20109
http://www.securityfocus.com/bid/84198
https://exchange.xforce.ibmcloud.com/vulnerabilities/29086
http://secunia.com/advisories/22029
http://vuln.sg/neonmail506-en.html
http://www.securityfocus.com/bid/20109
http://www.securityfocus.com/bid/84198
https://exchange.xforce.ibmcloud.com/vulnerabilities/29086

Products affected by CVE-2006-4951

Neosys » Neon Webmail » Version: 5.06

cpe:2.3:a:neosys:neon_webmail:5.06
Neosys » Neon Webmail » Version: 5.07

cpe:2.3:a:neosys:neon_webmail:5.07

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-4951

Products

Pricing

Contact Us