[Bug #1468] XSS vulnerability in message header conversion

2002-10-21 09:51:09
=================== BUG #1468: FULL BUG SNAPSHOT ===================

Submitted by: ehood                     Project: MHonArc                        
Submitted on: 2002-Oct-21 11:51
Category:  Mail Parsing                 Severity:  9 - Critical                 
Bug Group:  Security                    Resolution:  None                       
Assigned to:  ehood                     Status:  Open                           
Platform Version:  All                  Perl Version:  all                      
Component Version:  <=2.5.12            Fixed Release:                          

Summary:  XSS vulnerability in message header conversion

Original Submission:  (Orginally submitted by Steven M. Christey via private 
1) Cross-site scripting (XSS) possibilities

   - XSS can be inserted into the message MIME header names, e.g.:

      To: <someone(_at_)example(_dot_)com>
      From: <hacker(_at_)example(_dot_)com>
      Header<SCRIPT>hello</SCRIPT>def: whatever

   Fix: apply the "HTML quoting" capability to all header names and

   User workaround: remove the "-extra-" option from the "FieldOrder"
   resource, which says which headers should be archived.

No Followups Have Been Posted

CC list is empty

No files currently attached

For detailed info, follow this link:

To sign-off this list, send email to majordomo(_at_)mhonarc(_dot_)org with the

<Prev in Thread] Current Thread [Next in Thread>