Directory Traversal in SmarterMail by SmarterTools
CVE-2004-2586

Currently unrated

Key Information:

Vendor: Smartertools
Status: Smartermail
Vendor: CVE Published:; 31 December 2004

What is CVE-2004-2586?

The vulnerability in SmarterMail allows remote attackers to exploit a directory traversal flaw in the frmGetAttachment.aspx file. This can enable unauthorized access to arbitrary files on the server through the manipulation of the filename parameter, potentially exposing sensitive information. Organizations using affected versions should prioritize patching to mitigate risks associated with unauthorized file access.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/15389

vdb-entryx_refsource_XF

http://www.zone-h.org/advisories/read/id=4098

x_refsource_MISC

http://members.lycos.co.uk/r34ct/main/smarter_mail%203.1/...

x_refsource_MISC

Timeline

Vulnerability Reserved
Nov 28, 2005
Vulnerability published
Dec 31, 2004

Smartertools

What is CVE-2004-2586?

References

Timeline