AeroMail Server File Disclosure Vulnerability

AeroMail is a web based email program maintained by Mark Cushman. AeroMail is designed for Windows and Unix systems.

An issue exists in versions of AeroMail, which could allow a user to include files residing in the hosts web root, as an attachment to email messages.

As a result it is possible for users to obtain sensitive information residing on the host. This information could assist in further attacks against the host.


Privacy Statement
Copyright 2010, SecurityFocus