CVE-2005-0321
First published: Thu Feb 10 2005(Updated: )
MERAK Mail Server 7.6.0 with Icewarp Web Mail 5.3.0 allows remote authenticated users to gain sensitive information via an HTTP request to (1) calendar_d.html, (2) calendar_m.html, (3) calendar_w.html, or (4) calendar_y.html, which reveal the installation path.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IceWarp WebMail Server | =5.3.0 | |
| IceWarp Merak Mail Server | =7.6.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2005-0321?
CVE-2005-0321 is classified as a moderate severity vulnerability.
How do I fix CVE-2005-0321?
To fix CVE-2005-0321, upgrade to a patched version of Merak Mail Server or IceWarp Web Mail that addresses this issue.
Who is affected by CVE-2005-0321?
CVE-2005-0321 affects users of Merak Mail Server version 7.6.0 and IceWarp Web Mail version 5.3.0.
What information is exposed by CVE-2005-0321?
CVE-2005-0321 allows remote authenticated users to gain access to sensitive installation path information.
Can CVE-2005-0321 be exploited remotely?
Yes, CVE-2005-0321 can be exploited remotely by authenticated users.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/author
- agent/event
- agent/first-publish-date
- agent/description
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/icewarp
- canonical/icewarp webmail server
- version/icewarp webmail server/5.3.0
- vendor/merak
- canonical/icewarp merak mail server
- version/icewarp merak mail server/7.6.0