Open Webmail · Open Webmail · CVE-2004-2284
Name of the Vulnerable Software and Affected Versions:
OpenWebmail versions prior to 2.32 20040629
Description:
The issue concerns the read list from file function in vacation.pl, which allows remote attackers to execute arbitrary commands by including shell metacharacters in a filename argument.
Recommendations:
For versions prior to 2.32 20040629, update to version 2.32 20040629 or later to resolve the issue.