Vulnerabilities > CVE-2006-3566 - Remote Security vulnerability in HiveMail

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

hivemail

NVD

Published: 2006-07-13

Updated: 2017-07-20

Summary

search.results.php in HiveMail 3.1 and earlier allows remote attackers to obtain the installation path via certain manipulations related to the (1) searchdate and (2) folderids parameters.

Vulnerable Configurations

Part	Description	Count
Application	Hivemail Hivemail Hivemail 1.1 Hivemail Hivemail 1.1.1 Hivemail Hivemail 1.2 Hivemail Hivemail 1.2.1_Beta1 Hivemail Hivemail 1.2.1_Rc Hivemail Hivemail 1.2.2 Hivemail Hivemail 1.2_Sp1 Hivemail Hivemail 1.3 Hivemail Hivemail 1.3_Beta1 Hivemail Hivemail 1.3_Rc1 Hivemail Hivemail *	11

References

http://pridels0.blogspot.com/2006/07/hivemail-vuln.html
http://securitytracker.com/id?1016531
http://www.osvdb.org/27104
https://exchange.xforce.ibmcloud.com/vulnerabilities/27696