29 matches found
EUVD-2006-0456
Malware in sbrugna...
EUVD-2008-2046
Malware in sbrugna...
EUVD-2013-3581
Malware in sbrugna...
EUVD-2006-0454
Malware in sbrugna...
EUVD-2006-0455
Malware in sbrugna...
CVE-2013-3648
Cross-site scripting XSS vulnerability in KENT-WEB POST-MAIL before 6.7, when Internet Explorer 7 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an unspecified form field...
CVE-2013-3648
Cross-site scripting XSS vulnerability in KENT-WEB POST-MAIL before 6.7, when Internet Explorer 7 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an unspecified form field...
Cross site scripting
Cross-site scripting XSS vulnerability in KENT-WEB POST-MAIL before 6.7, when Internet Explorer 7 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an unspecified form field...
CVE-2013-3648
Cross-site scripting XSS vulnerability in KENT-WEB POST-MAIL before 6.7, when Internet Explorer 7 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an unspecified form field...
CVE-2013-3648
CVE-2013-3648 affects KENT-WEB POST-MAIL prior to version 6.7, where an XSS vulnerability can be triggered by input in a form field when viewed in IE7 or earlier. Multiple connected sources (JVN/JVNDB) describe the issue as an output-related XSS that can allow arbitrary script execution in the us...
POST-MAIL vulnerable to cross-site scripting
Overview POST-MAIL provided by KENT-WEB contains an issue in the webpage output of strings entered in the form, which may result in a cross-site scripting vulnerability. Taketo Ikeuchi of Hitachi Solutions, Ltd. and Ohji Kashiwazaki of GLOBAL SECURITY EXPERTS inc. reported this vulnerability to...
JVN#26394323: POST-MAIL vulnerable to cross-site scripting
POST-MAIL provided by KENT-WEB contains an issue in the webpage output of strings entered in the form, which may result in a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version accordin...
Design/Logic Flaw
The POP3 server EPSTPOP3S.EXE 4.22 in E-Post Mail Server 4.10 allows remote attackers to obtain sensitive information via multiple crafted APOP commands for a known POP3 account, which displays the password in a POP3 error message...
CVE-2008-2049
The POP3 server EPSTPOP3S.EXE 4.22 in E-Post Mail Server 4.10 allows remote attackers to obtain sensitive information via multiple crafted APOP commands for a known POP3 account, which displays the password in a POP3 error message...
CVE-2008-2049
The CVE-2008-2049 entry affects E-Post Mail Server 4.10, specifically the POP3 server EPSTPOP3S.EXE v4.22. The vulnerability arises from handling of crafted APOP commands for a known POP3 account, which can disclose the user password in a POP3 error message. This is a remote-authenticated exposur...
CVE-2008-2049
The POP3 server EPSTPOP3S.EXE 4.22 in E-Post Mail Server 4.10 allows remote attackers to obtain sensitive information via multiple crafted APOP commands for a known POP3 account, which displays the password in a POP3 error message...
CVE-2006-0447
Multiple buffer overflows in E-Post Mail Server 4.10 and SPA-PRO Mail @Solomon 4.00 allow remote attackers to execute arbitrary code via a long username to the 1 AUTH PLAIN or 2 AUTH LOGIN SMTP commands, which is not properly handled by a EPSTRS.EXE or b SPA-RS.EXE; 3 a long username in the APOP...
CVE-2006-0448
Multiple directory traversal vulnerabilities in 1 EPSTIMAP4S.EXE and 2 SPA-IMAP4S.EXE in the IMAP service in E-Post Mail 4.05 and SPA-PRO Mail 4.05 allow remote attackers to a list arbitrary directories or cause a denial of service via the LIST command; or create arbitrary files via the b APPEND,...
CVE-2006-0449
Early termination vulnerability in the IMAP service in E-Post Mail 4.05 and SPA-PRO Mail 4.05 allows remote attackers to cause a denial of service infinite loop by sending an APPEND command and disconnecting before the expected amount of data is sent...
Directory traversal
Multiple directory traversal vulnerabilities in 1 EPSTIMAP4S.EXE and 2 SPA-IMAP4S.EXE in the IMAP service in E-Post Mail 4.05 and SPA-PRO Mail 4.05 allow remote attackers to a list arbitrary directories or cause a denial of service via the LIST command; or create arbitrary files via the b APPEND,...