Remote Information Exposure in Merak Mail Server and Icewarp Web Mail
CVE-2004-1671

Currently unrated

Key Information:

Vendor: Icewarp
Status: Web Mail
Vendor: CVE Published:; 12 October 2004

What is CVE-2004-1671?

The Merak Mail Server and Icewarp Web Mail are susceptible to information disclosure vulnerabilities, allowing remote attackers to gain access to sensitive user data through direct HTTP requests to specific HTML files, namely accountsettings_add.html and topmenu.html. This flaw can potentially expose personal and account-related information, making it crucial for users to apply necessary safeguards.

References

http://marc.info/?l=bugtraq&m=109483971420067&w=2

mailing-listx_refsource_BUGTRAQ

http://secunia.com/advisories/12789

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/17315

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Feb 21, 2005
Vulnerability published
Oct 12, 2004

JSON