Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2005-2176

4 documents4 sources

Severity

6.4MEDIUM

EPSS

4.3%

top 11.09%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Novell Netmail

Timeline

PublishedJul 9

Latest updateMay 1

Description

Novell NetMail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers to conduct web-based attacks and steal cookies.

CVSS vector

AV:N/AC:L/C:P/I:P/A:NExploitability: 10.0 | Impact: 4.9

Affected Packages1 packages

▶NVDnovell/netmail5 versions+4

🔴Vulnerability Details

GHSA

GHSA-6q3r-3xj4-6598: Novell NetMail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers↗2022-05-01

▶

CVEList

CVE-2005-2176: Novell NetMail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers↗2005-07-09

▶

💥Exploits & PoCs

Exploit-DB

Novell NetMail 3.x - Automatic Script Execution↗2005-07-06

▶