Facebook
Twitter
onsightdata
Regular Pleskian
Does anyone know if there is a patch at all for this? I see that Atmail has released 1.05 of their open source client which resolves this issue. Anyone have a step by step of upgrading to 1.05? I have put a request in to Atomicturtle in http://www.atomicorp.com/ to create an update in their repo.
I can't find anything in the KB from parallels about this though.
Vulnerability Note VU#743555
@Mail Open webmail client contains multiple vulnerabilities
Original Release date: 22 Mar 2012 | Last revised: 28 Mar 2012
Overview
The @Mail Open 1.04 webmail client contains multiple vulnerabilities including; unrestricted upload of file with dangerous type (CWE-434), relative path traversal (CWE-23), external control of file name or path (CWE-73), and information exposure (CWE-200).
Read More @ http://www.kb.cert.org/vuls/id/743555
I can't find anything in the KB from parallels about this though.
Vulnerability Note VU#743555
@Mail Open webmail client contains multiple vulnerabilities
Original Release date: 22 Mar 2012 | Last revised: 28 Mar 2012
Overview
The @Mail Open 1.04 webmail client contains multiple vulnerabilities including; unrestricted upload of file with dangerous type (CWE-434), relative path traversal (CWE-23), external control of file name or path (CWE-73), and information exposure (CWE-200).
Read More @ http://www.kb.cert.org/vuls/id/743555