POP3: Script Tag Alert In Email Message
This signature detects attempts to exploit a known vulnerability against Multiple POP3 Email Clients. A successful attack can allow the attacker to read or delete email, access the user's contact list, and other operations on the user's mail account. The attacker could also fully control the compromised mail account.
Extended Description
The web interface for Lotus Notes mail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers to conduct web-based attacks and steal cookies.
Affected Products
Ibm lotus_notes
Short Name
POP3:POP-SCRIPT-TAG
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
POP3
Keywords
Alert CVE-2005-2175 Email In Message Script Tag
Release Date
09/28/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Ibm
CVSS Score
5.0