Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 31/12/2004 Updated: 11/07/2017

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

The read_list_from_file function in vacation.pl for OpenWebmail prior to 2.32 20040629 allows remote malicious users to execute arbitrary commands via shell metacharacters in a filename argument.

Vulnerable Product	Search on Vulmon	Subscribe to Product
open webmail open webmail 1.8
open webmail open webmail 1.81
open webmail open webmail 1.90
open webmail open webmail 2.20
open webmail open webmail 2.21
open webmail open webmail 2.30
open webmail open webmail 1.7
open webmail open webmail 1.71
open webmail open webmail 2.31
open webmail open webmail 2.32

NVD-CWE-Other http://openwebmail.org/openwebmail/download/cert/advisories/SA-04:04.txt http://www.securityfocus.com/bid/10637 http://www.osvdb.org/7474 http://securitytracker.com/id?1010605 http://secunia.com/advisories/12017 https://exchange.xforce.ibmcloud.com/vulnerabilities/16549 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2004-2284

Vulnerability Summary

References

Vulmon Search

About

Products

Connect