CVE-2001-0642

Directory traversal vulnerability in IncrediMail version 1400185 and earlier allows local users to overwrite files on the local hard drive by appending .. (dot dot) sequences to filenames listed in the content.ini file.

Published: Sep 20, 2001
Updated: Apr 13, 2023
CVE: CVE-2001-0642
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
incredimail / incredimail	-	1400185.x

http://archives.neohapsis.com/archives/bugtraq/2001-05/0078.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/6529

Vulnerability Database

CVE-2001-0642