1.6.1529

CVSS 4.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

smartertools

NVD

Published: 2004-12-31

Updated: 2017-07-11

Summary

frmAddfolder.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote authenticated users to create a folder that SmarterMail cannot delete or rename via a folder name with a null byte ("%00"). NOTE: it is not clear whether this issue poses a vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Smartertools Smartertools Smartermail 1.6.1511 Smartertools Smartermail 1.6.1529	2

References

http://members.lycos.co.uk/r34ct/main/smarter_mail%203.1/smarter_mail.txt
http://www.zone-h.org/advisories/read/id=4098
https://exchange.xforce.ibmcloud.com/vulnerabilities/15392