CVE-2004-2284

Published: Dec 31, 2004Modified: Apr 16, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

The read_list_from_file function in vacation.pl for OpenWebmail before 2.32 20040629 allows remote attackers to execute arbitrary commands via shell metacharacters in a filename argument.

Affected (10)

Products: Open Webmail: Open Webmail

1 product

Configuration A

10 vulnerable

Vulnerable Software	Affected Versions
Open Webmail Open Webmail	Version 1.71
Open Webmail Open Webmail	Version 1.7
Open Webmail Open Webmail	Version 1.81
Open Webmail Open Webmail	Version 1.8
Open Webmail Open Webmail	Version 1.90
Open Webmail Open Webmail	Version 2.20
Open Webmail Open Webmail	Version 2.21
Open Webmail Open Webmail	Version 2.30
Open Webmail Open Webmail	Version 2.31
Open Webmail Open Webmail	Version 2.32

References (12)

http://openwebmail.org/openwebmail/download/cert/advisories/SA-04:04.txt

Source: cve@mitre.org

PatchVendor Advisory

http://secunia.com/advisories/12017

Source: cve@mitre.org

PatchVendor Advisory

http://securitytracker.com/id?1010605

Source: cve@mitre.org

Patch

http://www.osvdb.org/7474

Source: cve@mitre.org

Patch

http://www.securityfocus.com/bid/10637

Source: cve@mitre.org

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/16549

Source: cve@mitre.org

http://openwebmail.org/openwebmail/download/cert/advisories/SA-04:04.txt

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://secunia.com/advisories/12017

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://securitytracker.com/id?1010605

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.osvdb.org/7474

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.securityfocus.com/bid/10637

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/16549

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.