CVE-2005-1902

Directory traversal vulnerability in the IMAP service for SPA-PRO Mail @Solomon 4.00 allows remote authenticated users to read other users' mail and perform operations on arbitrary directories via .. sequences in the (1) SELECT, (2) CREATE, (3) DELETE, and (4) RENAME commands.

Published: Jun 9, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-1902
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 3.6
AV:L/AC:L/Au:N/C:P/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
e-post_corporation / spa-pro_mail_atsolomon	4.00	4.00.x

http://secunia.com/advisories/15573
http://securitytracker.com/id?1014095
http://www.osvdb.org/16989
http://www.security.org.sg/vuln/spa-promail4.html
http://www.vupen.com/english/advisories/2005/0680
https://exchange.xforce.ibmcloud.com/vulnerabilities/20860

Vulnerability Database

289,784

CVE-2005-1902