Arbitrary Program Execution Vulnerability in EMU Webmail

CVE-2002-0532 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

EMU Webmail allows local users to execute arbitrary programs via a .. (dot dot) in the HTTP Host header that points to a Trojan horse configuration file that contains a pageroot specifier that contains shell metacharacters.

Learn more about our Web App Pen Testing.