JVNDB-2006-000617

Multiple email clients vulnerable to directory traversal due to inappropriate Unicode handling

Overview

Some email clients contain a vulnerability in how they handle an attached file whose file name uses Unicode. This may result in a directory traversal attack or in a file name being displayed differently from the actual file name.
CVSS Severity

CVSS V2 Severity:
Base Metrics 5.0 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: Partial
  • Integrity Impact: None
  • Availability Impact: None
Affected Products


Ricoh Co., Ltd
  • Ridoc Document Router Series
  • Ridoc Document Router (pro) Series
RIMARTS
  • Becky! Internet Mail Ver.2.21.04 (2005/08/02) and earlier
NIPPON CONTROL SYSTEM Corporation.
  • Paseri Ver1.11.01 and earlier

Impact

The actual impact differs depending on the email client, but an attacker could possibly forge a file name, or an email client could handle a file inappropriately, which may result in a file being overwritten or an arbitrary file being created and saved in an arbitrary directory.
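
As an added illustration (not code from JVN or from any of the affected vendors), the following Python sketch shows how a mail client can derive a safe save path from an attachment file name. The advisory does not describe the exact mechanism, so the code assumes the usual cases: compatibility characters such as fullwidth '／' that normalize to path separators, and invisible format characters such as U+202E that change how a name is displayed. All function and class names are hypothetical.

```python
import os
import unicodedata


class UnsafeAttachmentName(ValueError):
    """Raised when no safe file name can be derived from the attachment."""


def clean_attachment_name(raw_name: str) -> str:
    """Reduce an attachment file name to one safe path component."""
    # Fold compatibility forms first, so fullwidth '／', '＼' and '．'
    # become the ASCII characters the file system will actually act on.
    name = unicodedata.normalize("NFKC", raw_name)
    # Drop control (Cc) and format (Cf) characters such as U+202E
    # RIGHT-TO-LEFT OVERRIDE, which make the shown name differ from the real one.
    name = "".join(c for c in name if unicodedata.category(c) not in ("Cc", "Cf"))
    # Keep only the last component, treating both separators as separators,
    # then strip leading/trailing dots and spaces ("..", "name. ").
    name = name.replace("\\", "/").split("/")[-1].strip(" .")
    # ':' would select a drive or an alternate data stream on Windows.
    if not name or ":" in name:
        raise UnsafeAttachmentName(repr(raw_name))
    return name


def save_attachment(save_dir: str, raw_name: str, data: bytes) -> str:
    """Write data under save_dir without escaping it or overwriting a file."""
    base = os.path.realpath(save_dir)
    target = os.path.realpath(os.path.join(base, clean_attachment_name(raw_name)))
    # Defence in depth: the resolved path must still be inside save_dir.
    if os.path.commonpath([base, target]) != base:
        raise UnsafeAttachmentName(repr(raw_name))
    # O_EXCL makes the call fail instead of overwriting an existing file.
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_BINARY", 0)
    with os.fdopen(os.open(target, flags, 0o600), "wb") as fh:
        fh.write(data)
    return target


if __name__ == "__main__":
    # Constructed sample names, not taken from the advisory.
    for sample in ("report.pdf", "\uff0e\uff0e\uff3cboot.ini", "invoice\u202efdp.exe"):
        print(repr(sample), "->", clean_attachment_name(sample))
```

The same cleaned name should be used both for display and for saving, so the user sees the name that is actually written to disk.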
Solution

Vendor Information

  • Ricoh Co., Ltd
  • RIMARTS
  • NIPPON CONTROL SYSTEM Corporation.
CWE

CVE

References

  1. JVN : JVN#84775942
Revision History

  • [2008/05/21]
      Web page published