PT-2007-3529 · Extremail · Extremail

Published

2007-04-24

Updated

2008-11-13

CVE-2007-2188

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions eXtremail versions 2.1.1 and earlier

Description The issue makes it easier for remote attackers to conduct DNS spoofing because it does not verify the ID field in DNS responses.

Recommendations For versions 2.1.1 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-2188

Affected Products

Extremail

PT-2007-3529 · Extremail · Extremail

CVE-2007-2188

Related Identifiers

Affected Products

References · 4