Bvrp Software: >> Slwebmail >> 3.0 Security Vulnerabilities
Multiple buffer overflows in SLWebMail 3 on Windows systems allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long Language parameter to showlogin.dll, (2) a long CompanyID parameter to recman.dll, (3) a long CompanyID parameter to admin.dll, or (4) a long CompanyID parameter to globallogin.dll.
CVSS Score
7.5
EPSS Score
0.016
Published
2003-05-27
ShowGodLog.dll in SLWebMail 3 on Windows systems allows remote attackers to read arbitrary files by directly calling ShowGodLog.dll with an argument specifying the full path of the target file.
CVSS Score
5.0
EPSS Score
0.009
Published
2003-05-27
SLWebMail 3 on Windows systems allows remote attackers to identify the full path of the server via invalid requests to DLLs such as WebMailReq.dll, which reveals the path in an error message.
CVSS Score
5.0
EPSS Score
0.005
Published
2003-05-27