CVE-2005-1491
First published: Wed May 11 2005(Updated: )
Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2 allows remote authenticated users to (1) move their home directory via viewaction.html or (2) move arbitrary files via the importfile parameter to importaction.html.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IceWarp Merak Mail Server | =8.0.3 | |
| IceWarp WebMail Server | =5.4.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2005-1491?
CVE-2005-1491 has a medium severity rating due to its potential impact on local file system integrity.
How do I fix CVE-2005-1491?
To fix CVE-2005-1491, update Merak Mail Server and IceWarp Web Mail to the latest versions to mitigate the vulnerability.
Who is affected by CVE-2005-1491?
CVE-2005-1491 affects users of Merak Mail Server version 8.0.3 and IceWarp Web Mail version 5.4.2.
What actions can attackers perform due to CVE-2005-1491?
Attackers can move their home directories or arbitrary files on the server due to CVE-2005-1491.
Is CVE-2005-1491 a remote or local vulnerability?
CVE-2005-1491 is a remote vulnerability that affects authenticated users.
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/author
- agent/description
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/merak
- canonical/icewarp merak mail server
- version/icewarp merak mail server/8.0.3
- vendor/icewarp
- canonical/icewarp webmail server
- version/icewarp webmail server/5.4.2