POP3: Email Containing HTML SCRIPT Tag
This signature detects the presence of script code within the contents of an e-mail. Such an e-mail could take advantage of vulnerabilities in various POP3 clients.
Extended Description
IBM Lotus Notes email client is prone to an input validation vulnerability. Reports indicate that HTML and JavaScript attached to received email messages is executed automatically when the email message is viewed. Specifically, users accessing standard Notes mail templates through a Web mail client are affected. This vulnerability may be leveraged by a remote attacker to automatically execute arbitrary script code in the context of a target user.
Affected Products
Ibm lotus_notes
Short Name
POP3:EMAIL-SCRIPT
Severity
Info
Recommended
False
Recommended Action
None
Category
POP3
Keywords
Containing Email HTML SCRIPT Tag bid:14164
Release Date
08/16/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Rarely
Vendors
Ibm