Ciphertrust Ironmail vulnerabilities
3 known vulnerabilities affecting ciphertrust/ironmail.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM2LOW1
Vulnerabilities
Page 1 of 1
CVE-2006-5210P3MEDIUMCVSS 5.0PoC≤ 6.1.1v4.1+2 more2006-10-16
CVE-2006-5210 [MEDIUM] CVE-2006-5210: Directory traversal vulnerability in IronWebMail before 6.1.1 HotFix-17 allows remote attackers to r
Directory traversal vulnerability in IronWebMail before 6.1.1 HotFix-17 allows remote attackers to read arbitrary files via a GET request to the IM_FILE identifier with double-url-encoded "../" sequences ("%252e%252e/").
nvd
CVE-2007-1723P4MEDIUMCVSS 6.8v6.1.12007-03-28
CVE-2007-1723 [MEDIUM] CWE-79 CVE-2007-1723: Multiple cross-site scripting (XSS) vulnerabilities in the administration console in Secure Computin
Multiple cross-site scripting (XSS) vulnerabilities in the administration console in Secure Computing CipherTrust IronMail 6.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) network, (2) defRouterIp, (3) hostName, (4) domainName, (5) ipAddress, (6) defaultRouter, (7) dns1, or (8) dns2 parameter to (a) admin/system_IronMail.
nvd
CVE-2006-0538P4LOWCVSS 2.6≤ 5.0.12006-02-04
CVE-2006-0538 [LOW] CVE-2006-0538: CipherTrust IronMail 5.0.1, when "Denial of Service Protection" is enabled, allows remote attackers
CipherTrust IronMail 5.0.1, when "Denial of Service Protection" is enabled, allows remote attackers to cause a denial of service (possibly CPU consumption) via a SYN flood with malformed TCP packets from multiple connections.
nvd