CommuniGate Pro POP3 < 5.1c2 Buffer Overflow

High Nessus Network Monitor Plugin ID 5104


The remote host is vulnerable to an HTML Injection attack


The version of CommuniGate Pro running on the remote host is prone to an HTML injection flaw. The root cause of this flaw is a failure within the CommuniGate software when processing a specially formatted URI. An attacker, exploiting this flaw, would need to be able to entice a user into opening an email. Upon opening the email, the attacker would be able to execute arbitrary script code.


Upgrade to CommuniGate Pro 5.2.15 or newer.

See Also

Plugin Details

Severity: High

ID: 5104

File Name: 5104.prm

Family: Web Servers

Published: 2007/07/29

Modified: 2016/01/15

Dependencies: 1442

Risk Information

Risk Factor: High


Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C


Base Score: 7.3

Temporal Score: 6.8


Temporal Vector: CVSS3#E:F/RL:O/RC:C

Vulnerability Information

Patch Publication Date: 2007/07/23

Vulnerability Publication Date: 2007/07/23

Reference Information

BID: 35783