PT-2005-4098 · Orion · Mailsite Express

Published

2005-10-23

Updated

2008-09-05

CVE-2005-3287

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Mailsite Express (affected versions not specified)

Description The issue allows remote attackers to upload and possibly execute files via attachments with executable extensions, such as ASPX. These attachments are not converted to .TXT like other dangerous extensions and can be directly requested from the cache directory.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-3287

Affected Products

Mailsite Express

PT-2005-4098 · Orion · Mailsite Express

CVE-2005-3287

Related Identifiers

Affected Products

References · 2