Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4045

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-4045
Last Modified 19 Aug 2009 01:19:13
Published 11 Sep 2008 05:06:47
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-4045

Summary

Multiple cross-site scripting (XSS) vulnerabilities in @Mail 5.42 allow remote attackers to inject arbitrary web script or HTML via the (1) file and (2) HelpFile parameters to parse.php, the (3) Folder and (4) start parameters to showmail.php, and the (5) abookview parameter to abook.php.

Vulnerable Systems

Application

  • %40mail 5.42


References

XF - atmail-parse-showmail-abook-xss(44860)

SECUNIA - 31727

SECUNIA - 31720

MISC - http://packetstorm.linuxsecurity.com/0808-exploits/atmail542-xss.txt


Last Updated: 27 May 2016 10:48:22