CVE-2005-1657 - OpenCVE

Multiple directory traversal vulnerabilities in Mercur Messaging 2005 SP2 allow remote attackers to perform unauthorized file operations via the Folder.Id parameter to (1) deletefolder.ctml, (2) deletemessage.ctml, (3) origmessage.ctml, or (4) readmessage.ctml, the Message.Id parameter to editmessage.ctml, or the (5) Message.Command parameter to messages.ctml.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Mercur	Mercur Messaging

Configuration 1 [-]

cpe:2.3:a:mercur:mercur_messaging:2005_sp2:*:*:*:*:*:*:*

References

Link	Resource
http://secunia.com/advisories/15234
http://www.osvdb.org/16220
http://www.osvdb.org/16221
http://www.osvdb.org/16222
http://www.osvdb.org/16223
http://www.osvdb.org/16224
http://www.osvdb.org/16225

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-10-03T16:22:42

Updated: 2022-10-03T16:22:42

Reserved: 2022-10-03T00:00:00

Link: CVE-2005-1657

JSON object: View

NVD Information

Status : Analyzed

Published: 2005-05-18T04:00:00.000

Modified: 2008-09-05T20:49:43.730

Link: CVE-2005-1657

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Multiple directory traversal vulnerabilities in Mercur Messaging 2005 SP2 allow remote attackers to perform unauthorized file operations via the Folder.Id parameter to (1) deletefolder.ctml, (2) deletemessage.ctml, (3) origmessage.ctml, or (4) readmessage.ctml, the Message.Id parameter to editmessage.ctml, or the (5) Message.Command parameter to messages.ctml."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-10-03T16:22:42", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "16225", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/16225"}, {"name": "16220", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/16220"}, {"name": "16222", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/16222"}, {"name": "15234", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/15234"}, {"name": "16223", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/16223"}, {"name": "16221", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/16221"}, {"name": "16224", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/16224"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-1657", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple directory traversal vulnerabilities in Mercur Messaging 2005 SP2 allow remote attackers to perform unauthorized file operations via the Folder.Id parameter to (1) deletefolder.ctml, (2) deletemessage.ctml, (3) origmessage.ctml, or (4) readmessage.ctml, the Message.Id parameter to editmessage.ctml, or the (5) Message.Command parameter to messages.ctml."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "16225", "refsource": "OSVDB", "url": "http://www.osvdb.org/16225"}, {"name": "16220", "refsource": "OSVDB", "url": "http://www.osvdb.org/16220"}, {"name": "16222", "refsource": "OSVDB", "url": "http://www.osvdb.org/16222"}, {"name": "15234", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/15234"}, {"name": "16223", "refsource": "OSVDB", "url": "http://www.osvdb.org/16223"}, {"name": "16221", "refsource": "OSVDB", "url": "http://www.osvdb.org/16221"}, {"name": "16224", "refsource": "OSVDB", "url": "http://www.osvdb.org/16224"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-1657", "datePublished": "2022-10-03T16:22:42", "dateReserved": "2022-10-03T00:00:00", "dateUpdated": "2022-10-03T16:22:42", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}