CVE-2004-1715

Published: Aug 11, 2004Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Directory traversal vulnerability in MIMEsweeper for Web before 5.0.4 allows remote attackers or local users to read arbitrary files via "..\\", "..\", and similar dot dot sequences in the URL.

Affected (2)

Products: Clearswift: Mimesweeper For Web

Clearswift

1 product

Mimesweeper For Web

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Clearswift Mimesweeper For Web	Version 4.0
Clearswift Mimesweeper For Web	Version 5.0.1

References (12)

http://marc.info/?l=bugtraq&m=109224211512029&w=2

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=109225567212978&w=2

Source: cve@mitre.org

http://packetstormsecurity.nl/0408-exploits/clearswift.txt

Source: cve@mitre.org

ExploitVendor Advisory

http://secunia.com/advisories/12273

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/10918

Source: cve@mitre.org

ExploitPatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/16960

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=109224211512029&w=2