CVE-2004-2584

frmAddfolder.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote authenticated users to create a folder that SmarterMail cannot delete or rename via a folder name with a null byte ("%00"). NOTE: it is not clear whether this issue poses a vulnerability.

Published: Dec 31, 2004
Updated: Apr 13, 2023
CVE: CVE-2004-2584
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:N/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
smartertools / smartermail	1.6.1511	1.6.1511.x
smartertools / smartermail	1.6.1529	1.6.1529.x

http://members.lycos.co.uk/r34ct/main/smarter_mail%203.1/smarter_mail.txt
http://www.zone-h.org/advisories/read/id=4098
https://exchange.xforce.ibmcloud.com/vulnerabilities/15392

Vulnerability Database

CVE-2004-2584