Vulnerabilities > CVE-2001-0642 - Directory Traversal vulnerability in Incredimail 2.0

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

local

low complexity

incredimail

NVD

Published: 2001-09-20

Updated: 2017-12-19

Summary

Directory traversal vulnerability in IncrediMail version 1400185 and earlier allows local users to overwrite files on the local hard drive by appending .. (dot dot) sequences to filenames listed in the content.ini file.

Vulnerable Configurations

Part	Description	Count
Application	Incredimail Incredimail Incredimail 2.0	1

References

http://archives.neohapsis.com/archives/bugtraq/2001-05/0078.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/6529