CVE-2004-2458
5.0
Vector
AV:N/AC:L/Au:N/C:N/I:P/A:N
Exploitability: 10.0 / Impact: 2.9
Source: NVD
Description
Open WebMail 2.30 and earlier, when use_syshomedir is disabled or create_syshomedir is enabled, creates new directories before authenticating, which allows remote attackers to create arbitrary directories.
Affected (6)
Products: Open Webmail: Open Webmail
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.71 |
References (8)
Source: cve@mitre.org
Patch
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Timeline
No history available yet.