icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

CommuniGate Pro POP3 < 5.1c2 Buffer Overflow

High

Synopsis

The remote host is vulnerable to an HTML Injection attack

Description

The version of CommuniGate Pro running on the remote host is prone to an HTML injection flaw. The root cause of this flaw is a failure within the CommuniGate software when processing a specially formatted URI. An attacker, exploiting this flaw, would need to be able to entice a user into opening an email. Upon opening the email, the attacker would be able to execute arbitrary script code.

Solution

Upgrade to CommuniGate Pro 5.2.15 or newer.