CVE-2012-1916

Name of the Vulnerable Software and Affected Versions AtMail Open-Source @Mail WebMail Client version prior to 1.05

Description The issue allows remote attackers to execute arbitrary code via an e-mail attachment with an executable extension. This leads to the creation of an executable file under tmp/.

Recommendations For versions prior to 1.05, update to version 1.05 or later to resolve the issue. As a temporary workaround, consider restricting the handling of e-mail attachments with executable extensions to minimize the risk of exploitation.