|
|
CVE Reference: CVE-2006-5262 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-5262 |
|
|
Description: CRLF injection vulnerability in lib/session.php in Hastymail 1.5 and earlier before 20061008 allows remote authenticated users to send arbitrary IMAP commands via a CRLF sequence in a mailbox name. NOTE: the attack crosses privilege boundaries if the IMAP server configuration prevents a user from establishing a direct IMAP session. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/29407 SAID Secunia Advisory: SA22308 CONFIRM http://hastymail.sourceforge.net/security.php BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/453417/100/0/threaded BID 20424 |
|
| Return to the previous page. |
