CVE-2006-3566

Published Jul 13, 2006

Last updated 7 years ago

Overview

Description: search.results.php in HiveMail 3.1 and earlier allows remote attackers to obtain the installation path via certain manipulations related to the (1) searchdate and (2) folderids parameters.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:hivemail:hivemail:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "940AA3D1-FA89-4A82-AC69-663742657BBC",
            "versionEndIncluding": "3.1"
          },
          {
            "criteria": "cpe:2.3:a:hivemail:hivemail:1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD125F9D-1E13-419C-900B-6BF71A5E98B1"
          },
          {
            "criteria": "cpe:2.3:a:hivemail:hivemail:1.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4CDA700A-A6AA-49EB-B847-E995A341FFFF"
          },
          {
            "criteria": "cpe:2.3:a:hivemail:hivemail:1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "81A19437-0D2F-4C1F-B37E-6B0BC98993D0"
          },
          {
            "criteria": "cpe:2.3:a:hivemail:hivemail:1.2.1_beta1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7B310602-7C6C-4C36-AE99-605F3932AB14"
          },
          {
            "criteria": "cpe:2.3:a:hivemail:hivemail:1.2.1_rc:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8C444230-0988-49BD-BCFE-439A33FD9912"
          },
          {
            "criteria": "cpe:2.3:a:hivemail:hivemail:1.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "681B2B76-9AFC-45B2-960F-F8309A01444C"
          },
          {
            "criteria": "cpe:2.3:a:hivemail:hivemail:1.2_sp1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "256B2BD7-34EA-42A7-A3F3-6F0F49FAD921"
          },
          {
            "criteria": "cpe:2.3:a:hivemail:hivemail:1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DD9FE2A5-70D8-41A7-B201-541761EF8914"
          },
          {
            "criteria": "cpe:2.3:a:hivemail:hivemail:1.3_beta1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D43770F-B354-4F6F-BADB-246E3D1C2777"
          },
          {
            "criteria": "cpe:2.3:a:hivemail:hivemail:1.3_rc1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "02247FB6-3D9D-47E6-A6A0-3F772421193A"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References