JVN#70380788: BASP21 vulnerable to mail header injection

2016-10-13T00:00:00
ID JVN:70380788
Type jvn
Reporter Japan Vulnerability Notes
Modified 2016-10-13T00:00:00

Description

## Description

BASP21 provided by B21Soft, Inc. contains a mail header injection vulnerability.

## Impact

The header of an email created by BASP21 to be sent from a web application mail form may be altered by an unauthenticated remote attacker. As a result, an unintended email may be sent or a denial-of-service (DoS) condition may be caused.

## Solution

Update the Software
Update to the latest version according to the information provided by the developer.

## Products Affected

BASP21

  • Bsmtp.dll prior to V2,7,5,31
  • Bsendm.exe prior to V2,7,5,31 BASP21 Pro
  • basp21p.dll versions prior to 1,0,704,16