CVE-2006-5487
новости
/
статьи
/
форум
/
программы
/
реклама
/
поиск
/
эксплоиты
[RU]
switch to
English
Version
CVE
CVE-2006-5487
Статус
Candidate
Описание
Directory traversal vulnerability in Marshal MailMarshal SMTP 5.x, 6.x, and 2006, and MailMarshal for Exchange 5.x, allows remote attackers to write arbitrary files via ".." sequences in filenames in an ARJ compressed archive.
Важность
High
CVSS score
7
CVSS vector
(AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N)
Phase
Assigned (24.10.2006)
NVD:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5487
References
BID :
20999
BUGTRAQ :
20061110 ZDI-06-039: Marshal MailMarshal ARJ Extraction Directory Traversal Vulnerability
CONFIRM :
http://www.marshal.com/kb/article.aspx?id=11450
FRSIRT :
ADV-2006-4457
MISC :
http://www.zerodayinitiative.com/advisories/ZDI-06...
SECTRACK :
1017209
SECUNIA :
22806
XF :
mailmarshal-arj-code-execution(30188)
О сайте
|
Условия использования
©
SecurityVulns
,
3APA3A
, Владимир Дубровин
Нижний Новгород
Enter your search terms
Web
securityvulns.ru
Submit search form
test server
