VDB
GCVE-110-CERTCC-2012-743555
GCVE-110-CERTCC-2012-743555
Advisory PublishedCVSS 6.0/10
The @Mail Open 1.04 webmail client contains multiple vulnerabilities including; unrestricted upload of file with dangerous type (CWE-434), relative path traversal (CWE-23), external control of file name or path (CWE-73), and information exposure (CWE-200).
Risk Scores
CVSS 2.0
6.0/10
Medium · AV:N/AC:M/Au:S/C:P/I:P/A:P
certcc-cam
certcc-cam
impact11population4exploitation4widely_known1score_current1.3365ease_of_exploitation12
certcc-vrda
certcc-vrda
d1_impact3d1_population3d1_direct_report1
certcc-cvss-temporal-env
certcc-cvss-temporal-env
temporal_score4.7remediation_levelOFreport_confidenceCenvironmental_score4.7target_distributionNDenvironmental_vectorCDP:ND/TD:ND/CR:ND/IR:ND/AR:ND
References
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.