Loading
PHP remote file include vulnerability in IceWarp Web Mail 5.5.1, as used by Merak Mail Server 8.3.0r and VisNetic Mail Server version 8.3.0 build 1, when register_globals is enabled, allows remote attackers to include arbitrary local and remote PHP files via a URL in the (1) lang_settings and (2) language parameters in (a) accounts/inc/include.php and (b) admin/inc/include.php.
Use Deerfield vendor hub and Visnetic Mail Server product page to widen CVE-2005-4556 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2005-4558, CVE-2006-0817 and CVE-2005-4559 for nearby disclosures in the same product family.