1. Home
  2. CVE Database
  3. CVE-2005-0313
HIGH · 7.5

CVE-2005-0313

Multiple directory traversal vulnerabilities in Magic Winmail Server 4.0 Build 1112 allow remote attackers to (1) upload arbitrary files via certain parameters to upload.php or (2) read arbitrary file...

Vulnerability Description

Multiple directory traversal vulnerabilities in Magic Winmail Server 4.0 Build 1112 allow remote attackers to (1) upload arbitrary files via certain parameters to upload.php or (2) read arbitrary files via certain parameters to download.php, and remote authenticated users to read, create, or delete arbitrary directories and files via the IMAP commands (3) CREATE, (4) EXAMINE, (5) SELECT, or (6) DELETE.

CVSS Score

7.5

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
PARTIAL

Affected Products

VendorProductVersions
Amax Information TechnologiesMagic Winmail Server4.0

References

FAQ

What is CVE-2005-0313?

CVE-2005-0313 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple directory traversal vulnerabilities in Magic Winmail Server 4.0 Build 1112 allow remote attackers to (1) upload arbitrary files via certain parameters to upload.php or (2) read arbitrary file...

How severe is CVE-2005-0313?

CVE-2005-0313 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2005-0313?

Check the references section above for vendor advisories and patch information. Affected products include: Amax Information Technologies Magic Winmail Server.