Vulnerabilities > Ciphertrust > Ironmail > 5.0.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-10-16 | CVE-2006-5210 | Directory Traversal Information Disclosure vulnerability in IronWebMail Directory traversal vulnerability in IronWebMail before 6.1.1 HotFix-17 allows remote attackers to read arbitrary files via a GET request to the IM_FILE identifier with double-url-encoded "../" sequences ("%252e%252e/"). | 5.0 |
2006-02-04 | CVE-2006-0538 | Remote Denial Of Service vulnerability in CipherTrust IronMail CipherTrust IronMail 5.0.1, when "Denial of Service Protection" is enabled, allows remote attackers to cause a denial of service (possibly CPU consumption) via a SYN flood with malformed TCP packets from multiple connections. | 2.6 |