Home page logo
/

bugtraq logo Bugtraq mailing list archives

[SNS Advisory No.54] Active! mail Executing the Script upon the Opening of a Mail Message Vulnerability
From: "snsadv () lac co jp" <snsadv () lac co jp>
Date: Thu, 13 Jun 2002 14:31:43 +0900

----------------------------------------------------------------------
SNS Advisory No.54
Active! mail Executing the Script upon the Opening of a Mail Message Vulnerability

Problem first discovered: Fri, 31 May 2002
Published: Wed, 13 June 2002
----------------------------------------------------------------------

Overview:
---------
  Active! mail displays messages without converting them properly when
  a specific e-mail header contains HTML tags.  

Problem Description:
--------------------
  Active! mail developed and distributed by TransWARE Co.,
  (http://www.transware.co.jp/), is a web-based e-mail system. 
  Active! mail displays messages without converting them properly when 
  a specific e-mail header contains HTML tags.  If for example, a user 
  receives an e-mail embedding a malicious <script> tag in the header, 
  this script will run upon opening the e-mail message.  Exploitation 
  could result in the disclosure of the user's cookie information and 
  in the possibility for an attacker to misuse the Web mail system.

Tested Versions:
----------------
  Active! mail 1.422
  Active! mail 2.0 

Solution:
---------
  This problem can be eliminated by updating to Active! mail ver.2.0.1.1, 
  which is available at:

  http://www.transware.co.jp/active/download/am_download.html

Discovered by:
--------------
  Keigo Yamazaki (LAC)

Disclaimer:
-----------
All information in these advisories are subject to change without any advanced notices neither mutual consensus, and 
each of them is released as it is. LAC Co.,Ltd. is not responsible for any risks of occurrences caused by applying 
those information. 

------------------------------------------------------------------
SecureNet Service(SNS) Security Advisory <snsadv () lac co jp>
Computer Security Laboratory, LAC  http://www.lac.co.jp/security/


  By Date           By Thread  

Current thread:
  • [SNS Advisory No.54] Active! mail Executing the Script upon the Opening of a Mail Message Vulnerability snsadv () lac co jp (Jun 13)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault