Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0464

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-0464
Last Modified 07 Mar 2011 10:04:45
Published 25 Jan 2008 11:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-0464

Summary

Directory traversal vulnerability in archiv.cgi in absofort aconon Mail 2007 Enterprise SQL 11.7.0 and Mail 2004 Enterprise SQL 11.5.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter.

Vulnerable Systems

Application

  • Absofort Aconon Mail Enterprise Sql 11.5.1

  • Absofort Aconon Mail Enterprise Sql 11.7.0


References

VUPEN - ADV-2008-0310

BID - 27427

MILW0RM - 4977

SECUNIA - 28617

FULLDISC - 20080124 Directory Traversal Vulnerability in Aconon Mail

MISC - http://burnachurch.com/67/directory-traversal-luecke-in-aconon-mail/


Last Updated: 27 May 2016 10:46:48