Home » Hacking News » IncrediMail Ltd. IncrediMail Known Attachment Location Vulnerability
IncrediMail Ltd. IncrediMail Known Attachment Location Vulnerability
by Nikola Strahija on March 17th, 2002 Incredimail is an email client for Microsoft Windows based systems. It includes support for a wide range of rich, multimedia features such as sound, animations and backgrounds in email.
A weakness has been discovered in some versions of Incredimail. When email is received including a file attachment, the file is automatically stored in a predictable location on the local system. An attacker may be able to use this knowledge to launch further attacks against the vulnerable system.
Remote: Yes
Exploit: No exploit is required.
Vulnerable: IncrediMail Ltd. IncrediMail 0.0Build 618
IncrediMail Ltd. IncrediMail 0.0Build 560
IncrediMail Ltd. IncrediMail 0.0Build 1400185