Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1527

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2002-1527
Last Modified 05 Sep 2008 04:30:50
Published 02 Apr 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1527

Summary

emumail.cgi in EMU Webmail 5.0 allows remote attackers to determine the full pathname for emumail.cgi via a malformed string containing script, which generates a regular expression matching error that includes the pathname in the resulting error message.

Vulnerable Systems

Application

  • Emumail Emu Webmail 5.0


References

VULNWATCH - 20020926 [VulnWatch] EMU Webmail 5.0 XSS vuln, and webroot path disclosure

BID - 5823

XF - emu-webmail-path-disclosure(10204)

XF - emu-webmail-address-xss(10205)


Last Updated: 27 May 2016 10:37:22