CVE

Id
30450  
CVE No.
CVE-2008-0333  
Status
Candidate  
Description
Directory traversal vulnerability in download_view_attachment.aspx in AfterLogic MailBee WebMail Pro 4.1 for ASP.NET allows remote attackers to read arbitrary files via a .. (dot dot) in the temp_filename parameter.  
Phase
Assigned (20080117)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
323147 30450 CVE-2008-0333 MILW0RM:4921  View
323148 30450 CVE-2008-0333 URL:http://www.milw0rm.com/exploits/4921  View
323149 30450 CVE-2008-0333 BID:27312  View
323150 30450 CVE-2008-0333 URL:http://www.securityfocus.com/bid/27312  View
323151 30450 CVE-2008-0333 SECUNIA:28521  View
323152 30450 CVE-2008-0333 URL:http://secunia.com/advisories/28521  View
323153 30450 CVE-2008-0333 XF:mailbeewebmail-download-directory-traversal(39724)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
48649 JVNDB-2008-003959 MiniWeb HTTP Server の http.c におけるヒープベースのバッファオーバーフローの脆弱性 MiniWeb HTTP Server の http.c の _mwProcessReadSocket 関数には、ヒープベースのバッファオーバーフローの脆弱性が存在します。 CVE-2008-0337 30450 7.5 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-003959.html  View