CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Icewarp: >> Mail Server >> 9.3.0 Security Vulnerabilities

CVE-2011-3579

server/webmail.php in IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML external entity declaration in conjunction with an entity reference.

CVSS Score

6.4

EPSS Score

0.168

Published

2011-09-30

CVE-2011-3580

IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to obtain configuration information via a direct request to the /server URI, which triggers a call to the phpinfo function.

CVSS Score

5.0

EPSS Score

0.004

Published

2011-09-30

Page 1

Vulnerabilities

Vulnerable Software

Icewarp: >> Mail Server >> 9.3.0 Security Vulnerabilities

Products

Pricing

Contact Us