IlohaMail read_message.php Attachment Multiple Field XSS

This script is Copyright (C) 2005-2014 Tenable Network Security, Inc.


Synopsis :

The remote web server contains a PHP application that is subject to
cross-site scripting attacks.

Description :

Based on its version number, the installation of IlohaMail on the
remote host does not properly sanitize attachment file names, MIME
media types, and HTML / text email messages. An attacker can exploit
these vulnerabilities by sending a specially crafted message to a user
which, when read using an affected version of IlohaMail, will allow
the attacker to execute arbitrary HTML and script code in the user's browser
within the context of the affected website.

See also :

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=304525

Solution :

Upgrade to IlohaMail version 0.8.14-rc3 or newer.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 4.3
(CVSS2#E:H/RL:U/RC:ND)
Public Exploit Available : true

Family: CGI abuses : XSS

Nessus Plugin ID: 18050 (ilohamail_email_xss.nasl)

Bugtraq ID: 13175

CVE ID: CVE-2005-1120