Unrated severityNVD Advisory· Published Dec 28, 2005· Updated Apr 16, 2026
CVE-2005-4557
CVE-2005-4557
Description
dir/include.html in IceWarp Web Mail 5.5.1, as used by Merak Mail Server 8.3.0r and VisNetic Mail Server version 8.3.0 build 1, allows remote attackers to include arbitrary local files via a null byte (%00) in the lang parameter, possibly due to a directory traversal vulnerability.
Affected products
3- cpe:2.3:a:deerfield:visnetic_mail_server:8.3.0_build1:*:*:*:*:*:*:*
- cpe:2.3:a:merak:mail_server:8.3.0r:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
9- secunia.com/advisories/17046nvdExploitPatchVendor Advisory
- secunia.com/secunia_research/2005-62/advisory/nvdExploitVendor Advisory
- www.securityfocus.com/bid/16069nvdExploit
- marc.infonvd
- secunia.com/advisories/17865nvd
- securitytracker.com/idnvd
- www.osvdb.org/22079nvd
- www.securityfocus.com/archive/1/420255/100/0/threadednvd
- exchange.xforce.ibmcloud.com/vulnerabilities/23897nvd
News mentions
0No linked articles in our index yet.