14th Jun 2002 [SBWID-5444]
COMMAND
Active! mail arbitrary script execution
SYSTEMS AFFECTED
Active! mail 1.422
Active! mail 2.0
PROBLEM
Keigo Yamazaki from LAC [http://www.lac.co.jp/security/] found the
following:
Active! mail displays messages without converting them properly when a
specific e-mail header contains HTML tags.
Description
===========
Active! mail, developed and distributed by TransWARE Co.
(http://www.transware.co.jp/), is a web-based e-mail system. Active!
mail displays messages without converting them properly when a specific
e-mail header contains HTML tags. If, for example, a user receives an
e-mail with a malicious <script> tag embedded in the header, the script
will run when the e-mail message is opened. Exploitation could result in
the disclosure of the user's cookie information and in the possibility
of an attacker misusing the Web mail system.
SOLUTION
This problem can be eliminated by updating to Active! mail ver.2.0.1.1,
which is available at:
http://www.transware.co.jp/active/download/am_download.html
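
The conversion the advisory says is missing is HTML-escaping of header text at the point where it is written into the page. The Python sketch below is an added example, not Active! mail code and not part of the original advisory; the sample message and function names are constructed for illustration. It decodes RFC 2047 encoded-words before escaping, so a tag hidden inside an encoded header is neutralized as well.

```python
# Added example: the message below is constructed, and the function names are
# hypothetical. Nothing here is taken from Active! mail.
from email import message_from_string
from email.header import decode_header, make_header
from html import escape

# Constructed sample. Subject carries a tag as plain text; From hides the same
# tag in an RFC 2047 encoded-word, so it only becomes visible after decoding.
SAMPLE = (
    "From: =?utf-8?b?PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==?= <a@example.com>\n"
    "Subject: hello <script>alert(1)</script>\n"
    "To: user@example.com\n"
    "\n"
    "body\n"
)


def decoded_headers(raw_message):
    """Return (name, value) pairs with encoded-words decoded to text."""
    msg = message_from_string(raw_message)
    return [(name, str(make_header(decode_header(value))))
            for name, value in msg.items()]


def render_unsafe(raw_message):
    """The flaw: header text is copied into the page as markup."""
    return "".join(f"<tr><th>{n}</th><td>{v}</td></tr>"
                   for n, v in decoded_headers(raw_message))


def render_safe(raw_message):
    """Escape names and values after decoding, at the point of output."""
    return "".join(f"<tr><th>{escape(n)}</th><td>{escape(v)}</td></tr>"
                   for n, v in decoded_headers(raw_message))


if __name__ == "__main__":
    print(render_unsafe(SAMPLE))  # raw tag reaches the page
    print(render_safe(SAMPLE))    # tag is shown as inert text
```

Escaping only the raw header bytes would miss the encoded From header, because the tag does not exist as text until the encoded-word has been decoded.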