MicroWorld Technologies MailScan Multiple Remote Vulnerabilities

MailScan is prone to multiple remote vulnerabilities:

- A directory-traversal vulnerability
- An authentication-bypass vulnerability
- A cross-site scripting vulnerability
- An information-disclosure vulnerability

An attacker can exploit these issues to obtain sensitive information, gain unauthorized access to the affected application, execute arbitrary script code within the context of the website, and steal cookie-based authentication credentials. Other attacks are also possible.

MailScan 5.6.a espatch1 is vulnerable; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus