CVE-2009-3250

Name of the Vulnerable Software and Affected Versions vtiger CRM version 5.0.4

Description The issue concerns the saveForwardAttachments procedure in the Compose Mail functionality, allowing remote authenticated users to execute arbitrary code. This can be achieved by composing an e-mail message with a specifically crafted attachment filename and then making a direct request to a certain pathname under storage/. The vulnerability can be exploited in installations based on certain Apache HTTP Server configurations, and the attachment filename can end in .php, .php., or .php/ on different operating systems.

Recommendations For vtiger CRM version 5.0.4, consider restricting access to the saveForwardAttachments procedure in the Compose Mail functionality until a patch is available. As a temporary workaround, avoid using the Compose Mail functionality with attachments that have filenames ending in .php, .php., or .php/. Restrict access to the storage/ directory to minimize the risk of exploitation.