JVN#50899877: acmailer vulnerable to OS command injection

2016-01-15T00:00:00
ID JVN:50899877
Type jvn
Reporter Japan Vulnerability Notes
Modified 2016-01-15T00:00:00

Description

## Description

acmailer provided by Seeds Co.,Ltd. contains an OS command injection vulnerability (CWE-78).

## Impact

An authenticated attacker may execute an arbitrary OS command on the server.

## Solution

Update the software
Update to the latest version according to the information provided by the developer.

## Products Affected

  • acmailer versions prior to 3.8.21
  • acmailer versions prior to 3.9.15 Beta