Unrated severityNVD Advisory· Published Dec 31, 2004· Updated Jun 16, 2026
CVE-2004-2458
CVE-2004-2458
Description
Open WebMail 2.30 and earlier, when use_syshomedir is disabled or create_syshomedir is enabled, creates new directories before authenticating, which allows remote attackers to create arbitrary directories.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7cpe:2.3:a:open_webmail:open_webmail:1.7:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:open_webmail:open_webmail:1.7:*:*:*:*:*:*:*
- cpe:2.3:a:open_webmail:open_webmail:1.71:*:*:*:*:*:*:*
- cpe:2.3:a:open_webmail:open_webmail:1.8:*:*:*:*:*:*:*
- cpe:2.3:a:open_webmail:open_webmail:1.81:*:*:*:*:*:*:*
- cpe:2.3:a:open_webmail:open_webmail:1.90:*:*:*:*:*:*:*
- cpe:2.3:a:open_webmail:open_webmail:2.30:*:*:*:*:*:*:*
- (no CPE)range: <=2.30
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.