Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » FrontRange Solutions GoldMine HTML Mail Script Execution Vulnerability

FrontRange Solutions GoldMine HTML Mail Script Execution Vulnerability

by Mario Miri on June 2nd, 2003 A vulnerability has been discovered in GoldMine that may result in the execution of malicious HTML and attacker-supplied code. The vulnerability exists due to the way GoldMine handles HTML e-mail. Specifically, any e-mail that includes HTML code will be sent directly to the default web browser (typically Internet Explorer) to be executed.


Vulnerable:
FrontRange Solutions GoldMine Business Contact Manager 6.00.30403
FrontRange Solutions GoldMine Business Contact Manager 6.00.30203
FrontRange Solutions GoldMine Business Contact Manager 6.00.21021
FrontRange Solutions GoldMine Business Contact Manager 5.70.30503
FrontRange Solutions GoldMine Business Contact Manager 5.70.20404


Solution:
http://support.frontrange.com/


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »