1. Home
  2. CVE Database
  3. CVE-2005-3287
MEDIUM · 5.0

CVE-2005-3287

Incomplete blacklist vulnerability in Mailsite Express allows remote attackers to upload and possibly execute files via attachments with executable extensions such as ASPX, which are not converted to ...

Vulnerability Description

Incomplete blacklist vulnerability in Mailsite Express allows remote attackers to upload and possibly execute files via attachments with executable extensions such as ASPX, which are not converted to .TXT like other dangerous extensions, and which can be directly requested from the cache directory.

CVSS Score

5.0

MEDIUM

AV:N/AC:L/Au:N/C:N/I:P/A:N
Confidentiality
NONE
Integrity
PARTIAL
Availability
NONE

Affected Products

VendorProductVersions
RockliffeMailsite ExpressAll versions

References

FAQ

What is CVE-2005-3287?

CVE-2005-3287 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Incomplete blacklist vulnerability in Mailsite Express allows remote attackers to upload and possibly execute files via attachments with executable extensions such as ASPX, which are not converted to ...

How severe is CVE-2005-3287?

CVE-2005-3287 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2005-3287?

Check the references section above for vendor advisories and patch information. Affected products include: Rockliffe Mailsite Express.