|
|
Info |
Last Modified |
| about 1 year ago |
|
|
|
|
|
Description |
Novell NetMail contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application automatically processes HTML in an attachment without prompting the user to save or open it. This could allow a user to create a specially crafted html e-mail attachment that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
|
Classification |
Location:
Remote/Network Access Required
Attack Type:
Input Manipulation
Impact:
Loss of Integrity
Exploit:
Exploit Available
Disclosure:
OSVDB Verified
|
|
Solution |
Upgrade to version 3.52D or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
|
|
Products |
|
Novell NetMail
 |
3.52D |
3.52C1 |
3.52B |
3.52A |
3.52 |
3.10h |
3.10g |
3.10f |
3.10e |
3.10d |
3.10c |
3.10b |
3.10a |
3.10 |
3.1f |
3.1 |
3.0.3b |
3.0.3a |
3.0.3 |
3.0.1 |
|
|
|
|
|
Credit |
- Shalom Carmel - shalom
 venera.com -
|
|
BlogsProvided by Technorati
|
None found at this time
|
|
|
