CVE-2008-0333

Directory traversal vulnerability in download_view_attachment.aspx in AfterLogic MailBee WebMail Pro 4.1 for ASP.NET allows remote attackers to read arbitrary files via a .. (dot dot) in the temp_filename parameter.
References
Link Resource
http://secunia.com/advisories/28521 Not Applicable
http://www.securityfocus.com/bid/27312 Third Party Advisory VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/39724 Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/4921 Exploit Third Party Advisory VDB Entry
http://secunia.com/advisories/28521 Not Applicable
http://www.securityfocus.com/bid/27312 Third Party Advisory VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/39724 Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/4921 Exploit Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:afterlogic:mailbee_webmail_pro:4.1:*:*:*:*:asp.net:*:*

History

21 Nov 2024, 00:41

Type Values Removed Values Added
References () http://secunia.com/advisories/28521 - Not Applicable () http://secunia.com/advisories/28521 - Not Applicable
References () http://www.securityfocus.com/bid/27312 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/27312 - Third Party Advisory, VDB Entry
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/39724 - Third Party Advisory, VDB Entry () https://exchange.xforce.ibmcloud.com/vulnerabilities/39724 - Third Party Advisory, VDB Entry
References () https://www.exploit-db.com/exploits/4921 - Exploit, Third Party Advisory, VDB Entry () https://www.exploit-db.com/exploits/4921 - Exploit, Third Party Advisory, VDB Entry

02 Nov 2022, 17:24

Type Values Removed Values Added
References (EXPLOIT-DB) https://www.exploit-db.com/exploits/4921 - (EXPLOIT-DB) https://www.exploit-db.com/exploits/4921 - Exploit, Third Party Advisory, VDB Entry
References (BID) http://www.securityfocus.com/bid/27312 - (BID) http://www.securityfocus.com/bid/27312 - Third Party Advisory, VDB Entry
References (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/39724 - (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/39724 - Third Party Advisory, VDB Entry
References (SECUNIA) http://secunia.com/advisories/28521 - (SECUNIA) http://secunia.com/advisories/28521 - Not Applicable
CPE cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*
cpe:2.3:a:afterlogic:mailbee_webmail_pro:4.1:*:*:*:*:*:*:*
cpe:2.3:a:afterlogic:mailbee_webmail_pro:4.1:*:*:*:*:asp.net:*:*

Information

Published : 2008-01-17 22:00

Updated : 2024-11-21 00:41


NVD link : CVE-2008-0333

Mitre link : CVE-2008-0333

CVE.ORG link : CVE-2008-0333


JSON object : View

Products Affected

afterlogic

  • mailbee_webmail_pro
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')