Vulnerability Description
Novell NetMail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers to conduct web-based attacks and steal cookies.
CVSS Score
6.4
MEDIUM
AV:N/AC:L/Au:N/C:P/I:P/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Novell | Netmail | 3.0.1 |
References
- http://secunia.com/advisories/15962Vendor Advisory
- http://securitytracker.com/id?1014439
- http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972340.htm
- http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972433.htm
- http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972438.htm
- http://www.osvdb.org/17821
- http://www.securityfocus.com/bid/14171Exploit
- http://www.vupen.com/english/advisories/2005/0994
- http://secunia.com/advisories/15962Vendor Advisory
- http://securitytracker.com/id?1014439
- http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972340.htm
- http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972433.htm
- http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972438.htm
- http://www.osvdb.org/17821
- http://www.securityfocus.com/bid/14171Exploit
FAQ
What is CVE-2005-2176?
CVE-2005-2176 is a vulnerability with a CVSS score of 6.4 (MEDIUM). Novell NetMail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers to conduct web-based attacks and steal cookies.
How severe is CVE-2005-2176?
CVE-2005-2176 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-2176?
Check the references section above for vendor advisories and patch information. Affected products include: Novell Netmail.