Vulnerability Details CVE-2008-5991
Directory traversal vulnerability in docs.php in MailWatch for MailScanner 1.0.4 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the doc parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.015
EPSS Ranking 80.6%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/31994
- http://www.securityfocus.com/bid/31378
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45393
- https://www.exploit-db.com/exploits/6552
- http://secunia.com/advisories/31994
- http://www.securityfocus.com/bid/31378
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45393
- https://www.exploit-db.com/exploits/6552
Products affected by CVE-2008-5991
-
cpe:2.3:a:mailscanner:mailscanner:3.14-1
-
cpe:2.3:a:mailscanner:mailscanner:3.15-1
-
cpe:2.3:a:mailscanner:mailscanner:3.16-1
-
cpe:2.3:a:mailscanner:mailscanner:3.17-1
-
cpe:2.3:a:mailscanner:mailscanner:3.17-2
-
cpe:2.3:a:mailscanner:mailscanner:3.20-1
-
cpe:2.3:a:mailscanner:mailscanner:3.20-4
-
cpe:2.3:a:mailscanner:mailscanner:3.20-5
-
cpe:2.3:a:mailscanner:mailscanner:3.20-6
-
cpe:2.3:a:mailscanner:mailscanner:3.20-7
-
cpe:2.3:a:mailscanner:mailscanner:3.21-1
-
cpe:2.3:a:mailscanner:mailscanner:3.22-10
-
cpe:2.3:a:mailscanner:mailscanner:3.22-11
-
cpe:2.3:a:mailscanner:mailscanner:3.22-12
-
cpe:2.3:a:mailscanner:mailscanner:3.22-13
-
cpe:2.3:a:mailscanner:mailscanner:3.22-14
-
cpe:2.3:a:mailscanner:mailscanner:3.22-5
-
cpe:2.3:a:mailscanner:mailscanner:3.22-6
-
cpe:2.3:a:mailscanner:mailscanner:3.22-7
-
cpe:2.3:a:mailscanner:mailscanner:3.22-8
-
cpe:2.3:a:mailscanner:mailscanner:3.22-9
-
cpe:2.3:a:mailscanner:mailscanner:3.23-1
-
cpe:2.3:a:mailscanner:mailscanner:3.23-2
-
cpe:2.3:a:mailscanner:mailscanner:3.23-3
-
cpe:2.3:a:mailscanner:mailscanner:3.23-4
-
cpe:2.3:a:mailscanner:mailscanner:3.24-1
-
cpe:2.3:a:mailscanner:mailscanner:4.0
-
cpe:2.3:a:mailscanner:mailscanner:4.01
-
cpe:2.3:a:mailscanner:mailscanner:4.02
-
cpe:2.3:a:mailscanner:mailscanner:4.03
-
cpe:2.3:a:mailscanner:mailscanner:4.04
-
cpe:2.3:a:mailscanner:mailscanner:4.05
-
cpe:2.3:a:mailscanner:mailscanner:4.10
-
cpe:2.3:a:mailscanner:mailscanner:4.11
-
cpe:2.3:a:mailscanner:mailscanner:4.12
-
cpe:2.3:a:mailscanner:mailscanner:4.13
-
cpe:2.3:a:mailscanner:mailscanner:4.14
-
cpe:2.3:a:mailscanner:mailscanner:4.20
-
cpe:2.3:a:mailscanner:mailscanner:4.21
-
cpe:2.3:a:mailscanner:mailscanner:4.22
-
cpe:2.3:a:mailscanner:mailscanner:4.22-5
-
cpe:2.3:a:mailscanner:mailscanner:4.23-11
-
cpe:2.3:a:mailscanner:mailscanner:4.24-5
-
cpe:2.3:a:mailscanner:mailscanner:4.25-14
-
cpe:2.3:a:mailscanner:mailscanner:4.26.8
-
cpe:2.3:a:mailscanner:mailscanner:4.27.7
-
cpe:2.3:a:mailscanner:mailscanner:4.28.6
-
cpe:2.3:a:mailscanner:mailscanner:4.29.7
-
cpe:2.3:a:mailscanner:mailscanner:4.30.3
-
cpe:2.3:a:mailscanner:mailscanner:4.31.4
-
cpe:2.3:a:mailscanner:mailscanner:4.32.5
-
cpe:2.3:a:mailscanner:mailscanner:4.33.3
-
cpe:2.3:a:mailscanner:mailscanner:4.34.8
-
cpe:2.3:a:mailscanner:mailscanner:4.35.11
-
cpe:2.3:a:mailscanner:mailscanner:4.36.4
-
cpe:2.3:a:mailscanner:mailscanner:4.37.7
-
cpe:2.3:a:mailscanner:mailscanner:4.38.10
-
cpe:2.3:a:mailscanner:mailscanner:4.39.6
-
cpe:2.3:a:mailscanner:mailscanner:4.40.11
-
cpe:2.3:a:mailscanner:mailscanner:4.41.3
-
cpe:2.3:a:mailscanner:mailscanner:4.42.9
-
cpe:2.3:a:mailscanner:mailscanner:4.43.8
-
cpe:2.3:a:mailscanner:mailscanner:4.44.6-2
-
cpe:2.3:a:mailscanner:mailscanner:4.45.4-1
-
cpe:2.3:a:mailscanner:mailscanner:4.46.2-2
-
cpe:2.3:a:mailscanner:mailscanner:4.47.4-2
-
cpe:2.3:a:mailscanner:mailscanner:4.48.4-2
-
cpe:2.3:a:mailscanner:mailscanner:4.49.7-1
-
cpe:2.3:a:mailscanner:mailscanner:4.50.15-1
-
cpe:2.3:a:mailscanner:mailscanner:4.51.6-1
-
cpe:2.3:a:mailscanner:mailscanner:4.52.2-1
-
cpe:2.3:a:mailscanner:mailscanner:4.53.8-1
-
cpe:2.3:a:mailscanner:mailscanner:4.54.6-1
-
cpe:2.3:a:mailscanner:mailscanner:4.55.9-1
-
cpe:2.3:a:mailscanner:mailscanner:4.56.8-1
-
cpe:2.3:a:mailscanner:mailscanner:4.57.7-1
-
cpe:2.3:a:mailscanner:mailscanner:4.58.9-1
-
cpe:2.3:a:mailscanner:mailscanner:4.59.4-2
-
cpe:2.3:a:mailscanner:mailscanner:4.60.8-1
-
cpe:2.3:a:mailscanner:mailscanner:4.61.7-2
-
cpe:2.3:a:mailscanner:mailscanner:4.62.9-3
-
cpe:2.3:a:mailscanner:mailscanner:4.63.8-1
-
cpe:2.3:a:mailscanner:mailscanner:4.64.3-2
-
cpe:2.3:a:mailscanner:mailscanner:4.65.3-1
-
cpe:2.3:a:mailscanner:mailscanner:4.66.5-3
-
cpe:2.3:a:mailscanner:mailscanner:4.67.6-1
-
cpe:2.3:a:mailscanner:mailscanner:4.68.8-1
-
cpe:2.3:a:mailscanner:mailscanner:4.69.9-3
-
cpe:2.3:a:mailscanner:mailscanner:4.70.7-1
-
cpe:2.3:a:mailscanner:mailscanner:4.71.10-1
-
cpe:2.3:a:mailscanner:mailscanner:4.72.5-1
-
cpe:2.3:a:mailscanner:mailscanner:4.73.4-2
-
cpe:2.3:a:mailscanner:mailscanner:4.74.16-1
-
cpe:2.3:a:mailscanner:mailscanner:4.75.11-1
-
cpe:2.3:a:mailscanner:mailscanner:4.76.25-1
-
cpe:2.3:a:mailscanner:mailscanner:4.77.10-1
-
cpe:2.3:a:mailscanner:mailscanner:4.78.17-1
-
cpe:2.3:a:mailscanner:mailscanner:4.79.11-1
-
cpe:2.3:a:mailscanner:mailscanner:4.79.11-2
-
cpe:2.3:a:mailscanner:mailscanner:4.79.11-2.1
-
cpe:2.3:a:mailscanner:mailscanner:4.80.10-1
-
cpe:2.3:a:mailscanner:mailscanner:4.81.4-1
-
cpe:2.3:a:mailscanner:mailscanner:4.82.6-1
-
cpe:2.3:a:mailscanner:mailscanner:4.83.5-1
-
cpe:2.3:a:mailscanner:mailscanner:4.84.5-2
-
cpe:2.3:a:mailscanner:mailscanner:4.84.5-3
-
cpe:2.3:a:mailscanner:mailscanner:4.84.6-1
-
cpe:2.3:a:mailscanner:mailscanner:4.85.1-1
-
cpe:2.3:a:mailscanner:mailscanner:4.85.2-1
-
cpe:2.3:a:mailscanner:mailscanner:4.85.2-2
-
cpe:2.3:a:mailscanner:mailscanner:4.85.2-3
-
cpe:2.3:a:mailscanner:mailscanner:4.85.3-1
-
cpe:2.3:a:mailscanner:mailscanner:4.85.3-2
-
cpe:2.3:a:mailscanner:mailscanner:4.86.1-1
-
cpe:2.3:a:mailwatch:mailwatch:*
-
cpe:2.3:a:mailwatch:mailwatch:0.3
-
cpe:2.3:a:mailwatch:mailwatch:0.4
-
cpe:2.3:a:mailwatch:mailwatch:0.5
-
cpe:2.3:a:mailwatch:mailwatch:0.5.1
-
cpe:2.3:a:mailwatch:mailwatch:1.0
-
cpe:2.3:a:mailwatch:mailwatch:1.0.2
-
cpe:2.3:a:mailwatch:mailwatch:1.0.3