CVE-2002-2165
Severity:
Pending analysis
Type:
Unavailable / Other
Publication date:
31/12/2002
Last modified:
05/09/2008
Description
The IMHO Webmail module 0.97.3 and earlier for Roxen leaks the REFERER from the browser's previous login session in an error page, which allows local users to read another user's inbox.
Impact
Base Score 2.0
2.10
Severity 2.0
LOW
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:imho:imho_webmail:0.96:*:*:*:*:*:*:* | ||
cpe:2.3:a:imho:imho_webmail:0.96.1:*:*:*:*:*:*:* | ||
cpe:2.3:a:imho:imho_webmail:0.96.2:*:*:*:*:*:*:* | ||
cpe:2.3:a:imho:imho_webmail:0.96.3:*:*:*:*:*:*:* | ||
cpe:2.3:a:imho:imho_webmail:0.97:*:*:*:*:*:*:* | ||
cpe:2.3:a:imho:imho_webmail:0.97.1:*:*:*:*:*:*:* | ||
cpe:2.3:a:imho:imho_webmail:0.98:*:*:*:*:*:*:* | ||
cpe:2.3:a:imho:imho_webmail:0.98.2:*:*:*:*:*:*:* | ||
cpe:2.3:a:imho:imho_webmail:0.98.3:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page