Unrated severityNVD Advisory· Published Nov 2, 2005· Updated Apr 16, 2026

CVE-2005-3431

Description

Absolute path traversal vulnerability in Rockliffe MailSite Express before 6.1.22 allows remote attackers to read arbitrary files via a full pathname in the AttachPath field of a mail message under composition.

Affected products

Rockliffe/Mailsite Express
cpe:2.3:a:rockliffe:mailsite_express:*:*:*:*:*:*:*:*
Range: <=6.1.21

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

archives.neohapsis.com/archives/fulldisclosure/2005-10/0578.htmlnvdPatchVendor Advisory
secunia.com/advisories/17240/nvdPatchVendor Advisory
www.security-assessment.com/Advisories/Rockliffe_Express_Webmail_Vulnerabilities.pdfnvdPatchVendor Advisory
www.securityfocus.com/bid/15231nvdPatch
marc.infonvd
securityreason.com/securityalert/126nvd
securitytracker.com/idnvd
exchange.xforce.ibmcloud.com/vulnerabilities/22908nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000