EUVD-2012-2557

Malware in sbrugna...

CVE-2012-2571

Multiple cross-site scripting XSS vulnerabilities in WinWebMail Server 3.8.1.6 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with 1 a SCRIPT element, 2 a crafted Cascading Style Sheets CSS expression property, 3 a CSS expression property in the STYLE...

WinWebMail邮件系统一存储型XSS

简要描述： WinMail邮件系统是公司、院校、组织、政府部门的企业邮局系统架设软件。客户涵盖了政府机关、政府信息中心、税务机关、军队公安武警、等等，总之使用单位相当多。winMail某处容易忽视的地方存在xss漏洞，导致打开信就触发漏洞。 详细说明： WinMail邮件系统是公司、院校、组织、政府部门的企业邮局系统架设软件。客户涵盖了政府机关、政府信息中心、税务机关、军队公安武警、等等，总之使用单位相当多。winMail某处容易忽视的地方存在xss漏洞，导致打开信就触发漏洞。...

winwebmail server 3.8.1.6 - Stored XSS

No description provided by source. !/usr/bin/python ''' Author: loneferret of Offensive Security Product: WinWebMail Server Version: 3.8.1.6 Vendor Site: http://www.winwebmail.net Software Download: http://www.winwebmail.net/email-server-download.html Timeline: 29 May 2012: Vulnerability reported...

WinWebMail 3.7.3 - IMAP Login Data Handling Denial Of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28721/info WinWebMail is prone to a denial-of-service vulnerability because it fails to perform adequate boundary checks on user-supplied input. Remote attackers can exploit this issue to crash the server and deny service...

CVE-2012-2571

Multiple cross-site scripting XSS vulnerabilities in WinWebMail Server 3.8.1.6 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with 1 a SCRIPT element, 2 a crafted Cascading Style Sheets CSS expression property, 3 a CSS expression property in the STYLE...

CVE-2012-2571

Multiple cross-site scripting XSS vulnerabilities in WinWebMail Server 3.8.1.6 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with 1 a SCRIPT element, 2 a crafted Cascading Style Sheets CSS expression property, 3 a CSS expression property in the STYLE...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in WinWebMail Server 3.8.1.6 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with 1 a SCRIPT element, 2 a crafted Cascading Style Sheets CSS expression property, 3 a CSS expression property in the STYLE...

CVE-2012-2571

CVE-2012-2571 describes multiple XSS vulnerabilities in WinWebMail Server 3.8.1.6 that allow remote injection of web script or HTML via e-mail message bodies, using (1) SCRIPT elements, (2) CSS expression properties, (3) STYLE attribute CSS expressions, (4) crafted IFRAME SRC attributes, or (5) U...

CVE-2012-2571

Multiple cross-site scripting XSS vulnerabilities in WinWebMail Server 3.8.1.6 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with 1 a SCRIPT element, 2 a crafted Cascading Style Sheets CSS expression property, 3 a CSS expression property in the STYLE...

PT-2012-4111

Name of the Vulnerable Software and Affected Versions WinWebMail Server version 3.8.1.6 Description The issue allows remote attackers to inject arbitrary web script or HTML via an e-mail message body using various methods, including a SCRIPT element, crafted Cascading Style Sheets CSS expressions...

winwebmail server 3.8.1.6 - Persistent Cross-Site Scripting

!/usr/bin/python ''' Author: loneferret of Offensive Security Product: WinWebMail Server Version: 3.8.1.6 Vendor Site: http://www.winwebmail.net Software Download: http://www.winwebmail.net/email-server-download.html Timeline: 29 May 2012: Vulnerability reported to CERT 30 May 2012: Response...

winwebmail server 3.8.1.6 - Persistent Cross-Site Scripting

winwebmail server 3.8.1.6 - Persistent Cross-Site Scripting !/usr/bin/python ''' Author: loneferret of Offensive Security Product: WinWebMail Server Version: 3.8.1.6 Vendor Site: http://www.winwebmail.net Software Download: http://www.winwebmail.net/email-server-download.html Timeline: 29 May 201...

winwebmail mention the right-vulnerability warning-the black bar safety net

Another collection below winwebmail default installation path, this is for if in Start—program there is no winwebmail shortcut. c:\winwebmail\web if you cannot browse to change to the d:\winwebmail\web\ In addition, if you can not find the path please use Registry to read the...

WinWebMail 3.7.3 - IMAP Login Data Handling Denial of Service

source: https://www.securityfocus.com/bid/28721/info WinWebMail is prone to a denial-of-service vulnerability because it fails to perform adequate boundary checks on user-supplied input. Remote attackers can exploit this issue to crash the server and deny service to legitimate users. Given the...

WinWebMail 3.7.3 - IMAP Login Data Handling Denial of Service

WinWebMail 3.7.3 - IMAP Login Data Handling Denial of Service source: https://www.securityfocus.com/bid/28721/info WinWebMail is prone to a denial-of-service vulnerability because it fails to perform adequate boundary checks on user-supplied input. Remote attackers can exploit this issue to crash...