Published: 09/07/2005 Updated: 08/03/2011

CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10

VMScore: 645

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

Novell NetMail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote malicious users to conduct web-based attacks and steal cookies.

Vulnerable Product	Search on Vulmon	Subscribe to Product
novell netmail 3.0.3a
novell netmail 3.1
novell netmail 3.10
novell netmail 3.5.2
novell netmail 3.0.1

source: wwwsecurityfocuscom/bid/14171/info Novell NetMail email client is prone to an input validation vulnerability Reports indicate that HTML and JavaScript attached to received email messages is executed automatically, when the email message is viewed A successful attack may allow the attacker to obtain session cookies and carry ou ...

NVD-CWE-Other http://www.securityfocus.com/bid/14171 http://secunia.com/advisories/15962 http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972340.htm http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972433.htm http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972438.htm http://www.osvdb.org/17821 http://securitytracker.com/id?1014439 http://www.vupen.com/english/advisories/2005/0994 https://nvd.nist.gov https://www.exploit-db.com/exploits/25948/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2005-2176

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect