VYPR
Unrated severityNVD Advisory· Published May 25, 2005· Updated Jun 16, 2026

CVE-2005-1252

CVE-2005-1252

Description

Directory traversal vulnerability in the Web Calendaring server in Ipswitch Imail 8.13, and other versions before IMail Server 8.2 Hotfix 2, allows remote attackers to read arbitrary files via "..\" (dot dot backslash) sequences in the query string argument in a GET request to a non-existent .jsp file.

Affected products

3
  • cpe:2.3:a:ipswitch:imail:8.13:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:ipswitch:imail:8.13:*:*:*:*:*:*:*
    • (no CPE)range: <8.2 Hotfix 2
  • cpe:2.3:a:ipswitch:imail_server:*:*:*:*:*:*:*:*
    Range: <=8.2_hotfix_2

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.