Vulnerability Description
MERAK Mail Server 7.6.0 with Icewarp Web Mail 5.3.0 allows remote authenticated users to gain sensitive information via an HTTP request to (1) calendar_d.html, (2) calendar_m.html, (3) calendar_w.html, or (4) calendar_y.html, which reveal the installation path.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Icewarp | Web Mail | 5.3.0 |
| Merak | Mail Server | 7.6.0 |
References
- http://marc.info/?l=bugtraq&m=110693950205007&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19152
- http://marc.info/?l=bugtraq&m=110693950205007&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19152
FAQ
What is CVE-2005-0321?
CVE-2005-0321 is a vulnerability with a CVSS score of 2.1 (LOW). MERAK Mail Server 7.6.0 with Icewarp Web Mail 5.3.0 allows remote authenticated users to gain sensitive information via an HTTP request to (1) calendar_d.html, (2) calendar_m.html, (3) calendar_w.html...
How severe is CVE-2005-0321?
CVE-2005-0321 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-0321?
Check the references section above for vendor advisories and patch information. Affected products include: Icewarp Web Mail, Merak Mail Server.