Vulnerabilities > IMP

DATE CVE VULNERABILITY TITLE RISK
2001-12-06 CVE-2001-0857 Unspecified vulnerability in IMP Webmail
Cross-site scripting vulnerability in status.php3 in Imp Webmail 2.2.6 and earlier allows remote attackers to gain access to the e-mail of other users by hijacking session cookies via the message parameter.
network
low complexity
imp
7.5
2000-04-22 CVE-2000-0459 Unspecified vulnerability in IMP
IMP does not remove files properly if the MSWordView application quits, which allows local users to cause a denial of service by filling up the disk space by requesting a large number of documents and prematurely stopping the request.
network
low complexity
imp
5.0
2000-04-22 CVE-2000-0458 Unspecified vulnerability in IMP
The MSWordView application in IMP creates world-readable files in the /tmp directory, which allows other local users to read potentially sensitive information.
local
low complexity
imp
2.1