EUVD-2007-1707

Malware in sbrugna...

JVN#70380788: BASP21 vulnerable to mail header injection

BASP21 provided by B21Soft, Inc. contains a mail header injection vulnerability. Impact The header of an email created by BASP21 to be sent from a web application mail form may be altered by an unauthenticated remote attacker. As a result, an unintended email may be sent or a denial-of-service Do...

BASP21 vulnerable to mail header injection

Overview BASP21 provided by B21Soft, Inc. is a component for Windows applications. BASP21 contains a mail header injection vulnerability. Tomoki Sanaki reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact The...

B21Soft BASP21 SMTP lines injections

Invalid handling of "." character allows to inject SMTP commands into message...

CVE-2007-1713

BASP21 (and BASP21 Pro) contains a CRLF/mail header injection flaw in bsmtp.dll (and related executable components) prior to specific versions. An unauthenticated remote attacker can inject arbitrary SMTP headers into messages by exploiting CRLF sequences in Subject lines, potentially altering th...

CVE-2007-1713

CRLF injection vulnerability in BSMTP.DLL in B21Soft BASP21 2003.0211, and BASP21 Pro 1.0.702.27 and earlier, allows remote attackers to inject arbitrary headers into e-mail messages via CRLF sequences in Subject lines...

JVN#86092776: BASP21 vulnerable in handling CRLF sequences

Impact An unauthenticated remote attacker may send an unintended email from a web application which its email function is implemented using BASP21. Solution Products Affected bsmtp.dll included in BASP21 2003.0211 Versions of BASP21 Pro earlier than 1,0,702,27...