Vulnerabilities > Icewarp > Mail Server > Medium

DATE CVE VULNERABILITY TITLE RISK
2011-09-30 CVE-2011-3580 Information Exposure vulnerability in Icewarp Mail Server
IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to obtain configuration information via a direct request to the /server URI, which triggers a call to the phpinfo function.
network
low complexity
icewarp CWE-200
5.0
2011-09-30 CVE-2011-3579 Resource Management Errors vulnerability in Icewarp Mail Server
server/webmail.php in IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML external entity declaration in conjunction with an entity reference.
network
low complexity
icewarp CWE-399
6.4