Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0320

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-0320
Last Modified 05 Sep 2008 04:45:57
Published 28 Jan 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-0320

Summary

Multiple cross-site scripting vulnerabilities in MERAK Mail Server 7.6.0 with Icewarp Web Mail 5.3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) username parameter to login.html, (2) accountid parameter to accountsettings_add.html, or the (3) note, (4) title, and (5) location fields to calendar.html.

Vulnerable Systems

Application

  • Icewarp Web Mail 5.3


References

BID - 12396

XF - merak-icewarp-multiple-xss(19147)

BUGTRAQ - 20050128 Multiple vulnerabilities in Icewarp Web Mail 5.3.0: New holes


Last Updated: 27 May 2016 10:39:46