Yzlcqx

**Name of the Vulnerable Software and Affected Versions** China Mobile OA Mailbox PC version 2.9.23 **Description** An issue in China Mobile OA Mailbox PC allows remote attackers to execute arbitrary commands on a victim host via user interaction with a crafted EML file sent to their OA mailbox. **Recommendations** For China Mobile OA Mailbox PC version 2.9.23, consider avoiding the use of crafted EML files until a patch is available. As a temporary workaround, restrict user interaction with potentially malicious EML files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.