Vulnerability Description
Directory traversal vulnerability in the IMAP service for SPA-PRO Mail @Solomon 4.00 allows remote authenticated users to read other users' mail and perform operations on arbitrary directories via .. sequences in the (1) SELECT, (2) CREATE, (3) DELETE, and (4) RENAME commands.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| E-Post Corporation | Spa-Pro Mail Atsolomon | 4.00 |
References
- http://secunia.com/advisories/15573PatchVendor Advisory
- http://securitytracker.com/id?1014095
- http://www.osvdb.org/16989
- http://www.security.org.sg/vuln/spa-promail4.htmlExploitPatchVendor Advisory
- http://www.vupen.com/english/advisories/2005/0680
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20860
- http://secunia.com/advisories/15573PatchVendor Advisory
- http://securitytracker.com/id?1014095
- http://www.osvdb.org/16989
- http://www.security.org.sg/vuln/spa-promail4.htmlExploitPatchVendor Advisory
- http://www.vupen.com/english/advisories/2005/0680
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20860
FAQ
What is CVE-2005-1902?
CVE-2005-1902 is a vulnerability with a CVSS score of 3.6 (LOW). Directory traversal vulnerability in the IMAP service for SPA-PRO Mail @Solomon 4.00 allows remote authenticated users to read other users' mail and perform operations on arbitrary directories via .. ...
How severe is CVE-2005-1902?
CVE-2005-1902 has been rated LOW with a CVSS base score of 3.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-1902?
Check the references section above for vendor advisories and patch information. Affected products include: E-Post Corporation Spa-Pro Mail Atsolomon.