Remote File Exposure in Merak Mail Server and Icewarp Web Mail
CVE-2004-1672

Currently unrated

Key Information:

Vendor: Icewarp
Status: Web Mail
Vendor: CVE Published:; 12 October 2004

What is CVE-2004-1672?

The vulnerability in Merak Mail Server and Icewarp Web Mail allows remote attackers to exploit the system by crafting specific HTTP requests. By entering a valid username and message ID, attackers can gain unauthorized access to attachments belonging to other users. This flaw exposes sensitive documents and potentially compromises user privacy, highlighting the need for immediate patching and security measures to protect users' data.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/17316

vdb-entryx_refsource_XF

http://marc.info/?l=bugtraq&m=109483971420067&w=2

mailing-listx_refsource_BUGTRAQ

http://secunia.com/advisories/12789

third-party-advisoryx_refsource_SECUNIA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Feb 21, 2005
Vulnerability published
Oct 12, 2004

JSON