Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1657

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-1657
Last Modified 05 Sep 2008 04:49:43
Published 18 May 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-1657

Summary

Multiple directory traversal vulnerabilities in Mercur Messaging 2005 SP2 allow remote attackers to perform unauthorized file operations via the Folder.Id parameter to (1) deletefolder.ctml, (2) deletemessage.ctml, (3) origmessage.ctml, or (4) readmessage.ctml, the Message.Id parameter to editmessage.ctml, or the (5) Message.Command parameter to messages.ctml.

Vulnerable Systems

Application

  • Mercur Messaging 2005 Sp2


References

OSVDB - 16225

OSVDB - 16224

OSVDB - 16223

OSVDB - 16222

OSVDB - 16221

OSVDB - 16220

SECUNIA - 15234


Last Updated: 27 May 2016 10:40:14