Vulnerability Description
Mailsite Express allows remote attackers to upload and execute files with executable extensions such as ASP by attaching the file using the "compose page" feature, then accessing the file from the cache directory before saving or sending the message.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Rockliffe | Mailsite Express | All versions |
Related Weaknesses (CWE)
References
- http://securitytracker.com/id?1015063Broken LinkPatchThird Party Advisory
- http://securitytracker.com/id?1015063Broken LinkPatchThird Party Advisory
FAQ
What is CVE-2005-3288?
CVE-2005-3288 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Mailsite Express allows remote attackers to upload and execute files with executable extensions such as ASP by attaching the file using the "compose page" feature, then accessing the file from the cac...
How severe is CVE-2005-3288?
CVE-2005-3288 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-3288?
Check the references section above for vendor advisories and patch information. Affected products include: Rockliffe Mailsite Express.