IceWarp Web Mail Multiple Information Disclosure Vulnerabilities Network Vulnerability

Summary

IceWarp Web Mail is prone to multiple information-disclosure vulnerabilities. Attackers can exploit these issues to gain access to potentially sensitive information, and possibly cause denial-of-service conditions other attacks may also be possible.

Solution

Vendor updates are available. Please see the references for more information.

References

http://www.icewarp.com/Products/IceWarp_Web_Mail/
http://www.securityfocus.com/bid/49753
https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-3579, CVE-2011-3580

CVSS	Base Score: 6.4 AV:N/AC:L/Au:N/C:P/I:N/A:P

Related Vulnerabilities

AfterLogic WebMail Pro Multiple Cross Site Scripting Vulnerabilities
AdaptCMS Lite Cross Site Scripting and Remote File Include Vulnerabilities
Apache Archiva Multiple Vulnerabilities
Apache ActiveMQ 'Cron Jobs' Cross Site Scripting Vulnerability
Apache Tiles Multiple XSS Vulnerability

Take action and discover your vulnerabilities