Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4940


Vulnerability Score 6.4 6.4
CVE Id CVE-2012-4940
Last Modified 25 Feb 2013 11:51:00
Published 31 Oct 2012 03:55:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Multiple directory traversal vulnerabilities in the View Log Files component in Axigen Free Mail Server allow remote attackers to read or delete arbitrary files via a .. (dot dot) in (1) the fileName parameter in a download action to source/loggin/page_log_dwn_file.hsp, or the fileName parameter in (2) an edit action or (3) a delete action to the default URI.

Vulnerable Systems


  • Gecad Axigen Free Mail Server -


CERT-VN - VU#586556

BID - 56343

Last Updated: 27 May 2016 10:49:48