CVE-2001-1285

Directory traversal vulnerability in readmail.cgi for Ipswitch IMail 7.04 and earlier allows remote attackers to access the mailboxes of other users via a .. (dot dot) in the mbx parameter.

Publication date: Fri, 12 Oct 2001 09:00:00 +0000


Cyber News related to CVE-2001-1285

CVE-2021-47146 - In the Linux kernel, the following vulnerability has been resolved: ...
8 months ago
CVE-2001-1285 - Directory traversal vulnerability in readmail.cgi for Ipswitch IMail 7.04 and earlier allows remote attackers to access the mailboxes of other users via a .. (dot dot) in the mbx parameter. ...
16 years ago
CVE-2001-1492 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2001-1460. Reason: This candidate is a refinement duplicate of CVE-2001-1460. Notes: All CVE users should reference CVE-2001-1460 instead of this candidate. All references and ...
54 years ago Tenable.com
CVE-2001-1121 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2001-1084. Reason: This candidate is a duplicate of CVE-2001-1084. Notes: All CVE users should reference CVE-2001-1084 instead of this candidate. All references and descriptions in ...
54 years ago Tenable.com
CVE-2001-1167 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2001-0976. Reason: This candidate is a duplicate of CVE-2001-0976. Notes: CVE-2001-0976 should be used instead of this candidate. All references and descriptions in this candidate ...
54 years ago Tenable.com
CVE-2010-2168 - Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code via a PDF file with crafted Flash content, involving the newfunction (0x44) operator and an "invalid pointer ...
6 years ago
CVE-2010-2201 - Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code via a PDF file with crafted Flash content involving the (1) pushstring (0x2C) operator, (2) debugfile (0xF1) operator, ...
6 years ago
CVE-2010-1285 - Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified manipulations involving the newclass (0x58) operator and an "invalid pointer vulnerability" ...
6 years ago
CVE-2019-1256 - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1285. ...
4 years ago
CVE-2019-1285 - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1256. ...
4 years ago
CVE-2013-1285 - The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 do not properly handle objects in memory, ...
4 years ago
CVE-2013-1287 - The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 do not properly handle objects in memory, ...
4 years ago
CVE-2013-1286 - The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 do not properly handle objects in memory, ...
4 years ago
CVE-2021-44028 - XXE can occur in Quest KACE Desktop Authority before 11.2 because the log4net configuration file might be controlled by an attacker, a related issue to CVE-2018-1285. ...
2 years ago
CVE-2007-4670 - Unspecified vulnerability in PHP before 5.2.4 has unknown impact and attack vectors, related to an "Improved fix for MOPB-03-2007," probably a variant of CVE-2007-1285. ...
6 years ago
CVE-2018-1285 - Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. This allows for XXE-based attacks in applications that accept attacker-controlled log4net configuration files. ...
2 years ago
CVE-2002-1285 - runlpr in the LPRng package allows the local lp user to gain root privileges via certain command line arguments. ...
16 years ago
CVE-2009-1285 - Static code injection vulnerability in the getConfigFile function in setup/lib/ConfigFile.class.php in phpMyAdmin 3.x before 3.1.3.2 allows remote attackers to inject arbitrary PHP code into configuration files. ...
15 years ago
CVE-2006-1285 - SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, gives read and write permissions to all users for database shared memory sections, which allows local users to access and possibly modify certain ...
13 years ago
CVE-2014-1285 - Springboard in Apple iOS before 7.1 allows physically proximate attackers to bypass intended access restrictions and read the home screen by leveraging an application crash during activation of an unactivated device. ...
10 years ago
CVE-2005-1285 - Cross-site scripting (XSS) vulnerability in thread.php in WoltLab Burning Board 2.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the hilight parameter. ...
8 years ago
CVE-2003-1285 - Multiple cross-site scripting (XSS) vulnerabilities in Sambar Server before 6.0 beta 6 allow remote attackers to inject arbitrary web script or HTML via the query string to (1) isapi/testisa.dll, (2) testcgi.exe, (3) environ.pl, (4) the query ...
7 years ago
CVE-2004-1285 - Buffer overflow in the get_header function in asf_mmst_streaming.c for MPlayer 1.0pre5 allows remote attackers to execute arbitrary code via a crafted ASF video stream. ...
7 years ago
CVE-2017-1285 - IBM WebSphere MQ 9.0.1 and 9.0.2 could allow an authenticated user with authority to send a specially crafted message that would cause a channel to remain in a running state but not process messages. IBM X-Force ID: 125146. ...
7 years ago
CVE-2008-1285 - Cross-site scripting (XSS) vulnerability in Sun Java Server Faces (JSF) 1.2 before 1.2_08 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. ...
7 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)