← back
CVE-2004-1672

CVE-2004-1672

EPSS 1.7%
attachment.html in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allows remote attackers to view other users' attachments by specifying the username and message ID in an HTTP request.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://marc.info/?l=bugtraq&m=109483971420067&w=2http://secunia.com/advisories/12789https://exchange.xforce.ibmcloud.com/vulnerabilities/17316http://www.securityfocus.com/bid/11371