IceWarp Web Mail Multiple Remote Input Validation Vulnerabilities

IceWarp Web Mail is reported prone to multiple input validation vulnerabilities. It is reported that these issues may be exploited by a remote attacker to conduct SQL Injection, Account Manipulation, Cross-site Scripting, Information disclosure, Local file system access, and other attacks. Few details regarding the specific vulnerabilities are known.

These vulnerabilities are reported to affect all versions of IceWarp Web Mail prior to version 5.2.8. The discoverer of these issues has reported that not all of these vulnerabilities were fixed in IceWarp Web Mail version 5.2.8.


Privacy Statement
Copyright 2010, SecurityFocus