rockliffe

Top products

The 14 most recently published vulnerabilities affecting rockliffe.

• CVE-2006-0790Rockliffe MailSite 7.0 and earlier allows remote attackers to cause a denial of service by sending crafted LDAP packets to port 389/TCP, as demonstrated by the ProtoVer LDAP testsuite.5.0Feb 19, 2006
• CVE-2006-0342RockLiffe MailSite HTTP Mail management agent (httpma) 7.0.3.1 allows remote attackers to cause a denial of service (CPU consumption and crash) via a malformed query string containing special chara...7.8Jan 21, 2006
• CVE-2006-0341Cross-site scripting (XSS) vulnerability in WCONSOLE.DLL in Rockliffe MailSite 5.x and 6.1.22 and earlier allows remote attackers to inject arbitrary web script or HTML via the query string.4.3Jan 21, 2006
• CVE-2006-0130Mail Management Agent (MAILMA) (aka Mail Management Server) in Rockliffe MailSite 7.0.3.1 and earlier allows remote attackers to attempt authentication with an unlimited number of user account name...7.5Jan 9, 2006
• CVE-2006-0129Mail Management Agent (MAILMA) (aka Mail Management Server) in Rockliffe MailSite 7.0.3.1 and earlier generates different responses depending on whether or not a username is valid, which allows rem...5.0Jan 9, 2006
• CVE-2006-0128Buffer overflow in the IMAP service of Rockliffe MailSite before 6.1.22.1 allows remote attackers to have an unknown impact via unknown attack vectors.10.0Jan 9, 2006
• CVE-2006-0127Directory traversal vulnerability in the IMAP service of Rockliffe MailSite before 6.1.22.1 allows remote authenticated users to rename the folders of other users via a .. (dot dot) in the RENAME c...4.0Jan 9, 2006
• CVE-2005-3431Absolute path traversal vulnerability in Rockliffe MailSite Express before 6.1.22 allows remote attackers to read arbitrary files via a full pathname in the AttachPath field of a mail message under...5.0Nov 2, 2005
• CVE-2005-3430Incomplete blacklist vulnerability in Rockliffe MailSite Express before 6.1.22 allows remote attackers to upload and execute arbitrary script files by giving the files specific extensions, such as ...7.5Nov 2, 2005
• CVE-2005-3429Rockliffe MailSite Express before 6.1.22, with the option to save login information enabled, saves user passwords in plaintext in cookies, which allows local users to obtain passwords by reading th...4.3Nov 2, 2005
• CVE-2005-3428Cross-site scripting (XSS) vulnerability in Rockliffe MailSite Express before 6.1.22 allows remote attackers to inject arbitrary web script or HTML via a message body.4.3Nov 2, 2005
• CVE-2005-3288Mailsite Express allows remote attackers to upload and execute files with executable extensions such as ASP by attaching the file using the "compose page" feature, then accessing the file from the ...5.0Oct 23, 2005
• CVE-2005-3287Incomplete blacklist vulnerability in Mailsite Express allows remote attackers to upload and possibly execute files via attachments with executable extensions such as ASPX, which are not converted ...5.0Oct 23, 2005
• CVE-2000-0398Buffer overflow in wconsole.dll in Rockliffe MailSite Management Agent allows remote attackers to execute arbitrary commands via a long query_string parameter in the HTTP GET request.10.0Jul 12, 2000