CVE-2004-2284 | SynScan

Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2004-2284

The read_list_from_file function in vacation.pl for OpenWebmail before 2.32 20040629 allows remote attackers to execute arbitrary commands via shell metacharacters in a filename argument.

Published: Dec 31, 2004
Updated: Apr 13, 2023
CVE: CVE-2004-2284
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
open_webmail / open_webmail	1.7	1.7.x
open_webmail / open_webmail	1.81	1.81.x
open_webmail / open_webmail	2.30	2.30.x
open_webmail / open_webmail	2.21	2.21.x
open_webmail / open_webmail	1.71	1.71.x
open_webmail / open_webmail	2.31	2.31.x
open_webmail / open_webmail	2.20	2.20.x
open_webmail / open_webmail	1.8	1.8.x
open_webmail / open_webmail	1.90	1.90.x
open_webmail / open_webmail	2.32	2.32.x