CVE-1999-1236

CVSS 2.0 Score 4.6 of 10 (medium)

Details

Published Oct 1, 1999
Updated: Nov 20, 2024

Summary

CVE-1999-1236 is a vulnerability affecting Internet Anywhere Mail Server version 2.3.1. The issue lies in the application's storage of passwords in plaintext within the msgboxes.dbf file. An attacker with local access to the system can exploit this vulnerability by extracting the plaintext passwords, allowing them to gain elevated privileges within the mail server. This weakness in password protection poses a significant risk to the confidentiality and integrity of the affected system.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share