SecurEnvoy SecurMail Authentication and Authorization Vulnerabilities

SecurEnvoy SecurMail is an email application from SecurEnvoy USA. A security vulnerability exists in SecurEnvoy SecurMail versions prior to 9.2.501. A remote attacker can exploit the vulnerability to spoof the sender address and alter arbitrary email messages and attachments...

SecurEnvoy SecurMail Insecure Direct Object Reference Vulnerability

SecurEnvoy SecurMail allows you to send email securely. An insecure direct object reference vulnerability exists in SecurEnvoy SecurMail before 9.2.501. A remote authenticated user can exploit this vulnerability to read arbitrary email messages via the option1 parameter in the reply action of...