EUVD-2012-3677

Malware in sbrugna...

CVE-2024-27448

MailDev 2 through 2.1.0 allows Remote Code Execution via a crafted Content-ID header for an e-mail attachment, leading to lib/mailserver.js writing arbitrary code into the routes.js file...

Exploit for CVE-2024-27448

MailDev 2.1.0 RCE Exploit CVE-2024-27448 MailDev 2 throu...

GHSA-VC6Q-CCJ9-9R89 MailDev Remote Code Execution

MailDev 2 through 2.1.0 allows Remote Code Execution via a crafted Content-ID header for an e-mail attachment, leading to lib/mailserver.js writing arbitrary code into the routes.js file...

CVE-2024-27448

MailDev versions 2 through 2.1.0 are vulnerable to Remote Code Execution via a crafted Content-ID header in an email attachment, causing lib/mailserver.js to write arbitrary code into routes.js. This is a network-borne vulnerability with high impact (CRITICAL CVSS 3.1), and there is public exploi...

PT-2024-21904 · Maildev · Maildev

Name of the Vulnerable Software and Affected Versions: MailDev versions 2 through 2.1.0 Description: The issue allows Remote Code Execution via a crafted Content-ID header for an e-mail attachment, leading to lib/mailserver.js writing arbitrary code into the routes.js file. Recommendations: For...

MailDev 安全漏洞

MailDev is a simple way to test project-generated emails during development in MailDev open source. A security vulnerability exists in MailDev versions 2 through 2.1.0, which stems from a vulnerability that allows an attacker to remotely perform code execution via a carefully crafted Content-ID...

CVE-2024-27448

MailDev 2 through 2.1.0 allows Remote Code Execution via a crafted Content-ID header for an e-mail attachment, leading to lib/mailserver.js writing arbitrary code into the routes.js file...

CVE-2024-27448

MailDev 2 through 2.1.0 allows Remote Code Execution via a crafted Content-ID header for an e-mail attachment, leading to lib/mailserver.js writing arbitrary code into the routes.js file...

Code injection

Mail in Apple iOS before 6 does not properly handle reuse of Content-ID header values, which allows remote attackers to spoof attachments via a header value that was also used in a previous e-mail message, as demonstrated by a message from a different sender...

CVE-2012-3730

CVE-2012-3730 affects Apple iOS Mail prior to iOS 6, where Mail mishandles reuse of Content-ID header values, enabling spoofing of attachments in messages from different senders. Affects the Mail component within iOS; root cause is logic/handling of Content-ID reuse across messages. Impact is spo...

CVE-2003-0130

The handleimage function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier does not properly escape HTML characters, which allows remote attackers to inject arbitrary data and HTML via a MIME Content-ID header in a MIME-encoded image...

DEBIAN-CVE-2003-0130

The handleimage function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier does not properly escape HTML characters, which allows remote attackers to inject arbitrary data and HTML via a MIME Content-ID header in a MIME-encoded image...