Vulnerability in Icewarp Mail_server
CVE-2011-3579
server/webmail.php in IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via…
EPSS: 0.048 (90.8th percentile) — read the EPSS interpretation.
Affected products
- Icewarp Mail_server — versions 9.3.0, 9.3.1, 9.3.2
- N/a — versions n/a
Weakness classification (CWE)
Public proof-of-concept exploits
References
- cve@mitre.org (mailing-list, Exploit, x_refsource_BUGTRAQ)
- cve@mitre.org (Exploit, vdb-entry, x_refsource_BID)
- cve@mitre.org (Exploit, x_refsource_MISC)
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (x_refsource_SREASON, third-party-advisory)
- cve@mitre.org (x_refsource_OSVDB, vdb-entry)
- cve@mitre.org (vdb-entry, x_refsource_SECTRACK)
Frequently asked questions
- What is CVE-2011-3579?
- CVE-2011-3579 is a vulnerability in Icewarp Mail_server, classified under CWE-399. Published 2011-09-30.
- Is CVE-2011-3579 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.