Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0140

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2008-0140
Last Modified 22 Oct 2008 01:44:05
Published 08 Jan 2008 02:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-0140

Summary

Directory traversal vulnerability in error.php in Uebimiau Webmail 2.7.10 and 2.7.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the selected_theme parameter, a different vector than CVE-2007-3172.

Vulnerable Systems

Application

  • Uebimiau Webmail 2.7.10

  • Uebimiau Webmail 2.7.2


References

XF - uebimiau-webmail-error-directory-traversal(39460)

BID - 27154

MILW0RM - 4846

VIM - 20080107 Uebimiau Web-Mail 2.7.10/2.7.2 Remote File Disclosure Vulnerability


Last Updated: 27 May 2016 10:46:40