- Description
- Directory traversal vulnerability in IncrediMail version 1400185 and earlier allows local users to overwrite files on the local hard drive by appending .. (dot dot) sequences to filenames listed in the content.ini file.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:N/I:P/A:N
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:incredimail:incredimail:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7D77CCBA-8863-4935-975C-ABA07DFC91FC",
"versionEndIncluding": "1400185"
}
],
"operator": "OR"
}
]
}
]