Home » Hacking News » IncrediMail Ltd. IncrediMail Known Attachment Location Vulnerability

IncrediMail Ltd. IncrediMail Known Attachment Location Vulnerability

by Nikola Strahija on March 17th, 2002 Incredimail is an email client for Microsoft Windows based systems. It includes support for a wide range of rich, multimedia features such as sound, animations and backgrounds in email.

A weakness has been discovered in some versions of Incredimail. When email is received including a file attachment, the file is automatically stored in a predictable location on the local system. An attacker may be able to use this knowledge to launch further attacks against the vulnerable system.

Remote: Yes

Exploit: No exploit is required.

Vulnerable: IncrediMail Ltd. IncrediMail 0.0Build 618
IncrediMail Ltd. IncrediMail 0.0Build 560
IncrediMail Ltd. IncrediMail 0.0Build 1400185

From the forum

The forums are now OPEN AGAIN!

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Users login

JOIN XATRIX

IncrediMail Ltd. IncrediMail Known Attachment Location Vulnerability

Related articles

Advisories

Vulnerabilities

From the forum

Newsletter signup

Free E-books

Contact