CVSS: 6.4EPSS: 1%CPEs: 19EXPL: 2CVE-2005-2176 – Novell NetMail 3.x - Automatic Script Execution
https://notcve.org/view.php?id=CVE-2005-2176
Novell NetMail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers to conduct web-based attacks and steal cookies. • https://www.exploit-db.com/exploits/25948 http://secunia.com/advisories/15962 http://securitytracker.com/id?1014439 http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972340.htm http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972433.htm http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972438.htm http://www.osvdb.org/17821 http://www.securityfocus.com/bid/14171 http://www.vupen.com/english/advisories/2005/0994 •
CVSS: 4.3EPSS: 0%CPEs: 16EXPL: 0CVE-2005-1756
https://notcve.org/view.php?id=CVE-2005-1756
Cross-site scripting (XSS) vulnerability in the ModWeb agent for Novell NetMail 3.52 before 3.52C allows remote attackers to inject arbitrary web script or HTML via calendar display fields. • http://secunia.com/advisories/15644 http://support.novell.com/cgi-bin/search/searchtid.cgi?/10097957.htm http://support.novell.com/cgi-bin/search/searchtid.cgi?/2971588.htm http://support.novell.com/cgi-bin/search/searchtid.cgi?/2971590.htm http://support.novell.com/cgi-bin/search/searchtid.cgi?/2971591.htm http://www.osvdb.org/17240 http://www.securityfocus.com/bid/13926 http://www.vupen.com/english/advisories/2005/0727 •
CVSS: 7.5EPSS: 12%CPEs: 16EXPL: 0CVE-2005-1758
https://notcve.org/view.php?id=CVE-2005-1758
Buffer overflow in the IMAP command continuation function in Novell NetMail 3.52 before 3.52C may allow remote attackers to execute arbitrary code. • http://secunia.com/advisories/15644 http://support.novell.com/cgi-bin/search/searchtid.cgi?/10097957.htm http://support.novell.com/cgi-bin/search/searchtid.cgi?/2971588.htm http://support.novell.com/cgi-bin/search/searchtid.cgi?/2971590.htm http://support.novell.com/cgi-bin/search/searchtid.cgi?/2971591.htm http://www.osvdb.org/17239 http://www.securityfocus.com/bid/13926 http://www.securityfocus.com/bid/14718 http://www.vupen.com/english/advisories/2005/0727 •
CVSS: 7.5EPSS: 1%CPEs: 16EXPL: 0CVE-2005-1757
https://notcve.org/view.php?id=CVE-2005-1757
Buffer overflow in the Modweb agent for Novell NetMail 3.52 before 3.52C, when renaming folders, may allow attackers to execute arbitrary code. • http://secunia.com/advisories/15644 http://support.novell.com/cgi-bin/search/searchtid.cgi?/10097957.htm http://support.novell.com/cgi-bin/search/searchtid.cgi?/2971588.htm http://support.novell.com/cgi-bin/search/searchtid.cgi?/2971590.htm http://support.novell.com/cgi-bin/search/searchtid.cgi?/2971591.htm http://www.osvdb.org/17241 http://www.securityfocus.com/bid/13926 http://www.vupen.com/english/advisories/2005/0727 •
CVSS: 6.4EPSS: 0%CPEs: 4EXPL: 0CVE-2004-2298
https://notcve.org/view.php?id=CVE-2004-2298
Novell Internet Messaging System (NIMS) 2.6 and 3.0, and NetMail 3.1 and 3.5, is installed with a default NMAP authentication credential, which allows remote attackers to read and write mail store data if the administrator does not change the credential by using the NMAP Credential Generator. • http://secunia.com/advisories/13377 http://support.novell.com/cgi-bin/search/searchtid.cgi?/10095545.htm http://www.osvdb.org/12234 •