CVE-2004-2584

Name of the Vulnerable Software and Affected Versions SmarterMail versions 1.6.1511 through 1.6.1529

Description The issue in SmarterMail allows remote authenticated users to create a folder with a name containing a null byte ("%00") using the frmAddfolder.aspx page. This can result in a folder that SmarterMail cannot delete or rename.

Recommendations For versions 1.6.1511 through 1.6.1529, as a temporary workaround, consider restricting the creation of folders with names containing null bytes ("%00") to prevent potential issues until a fix is available. At the moment, there is no information about a newer version that contains a fix for this issue.