Vigil@nce - McAfee Email Gateway: multiple vulnerabilities
October 2013 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can use several vulnerabilities of McAfee Email
Gateway.
Impacted products: McAfee Email Gateway
Severity: 2/4
Creation date: 16/10/2013
DESCRIPTION OF THE VULNERABILITY
Several vulnerabilities were announced in McAfee Email Gateway.
An attacker can inject commands, in order to execute code.
[severity:2/4; KB79280]
An attacker can use a Linux vulnerability. [severity:2/4;
CVE-1999-0524, KB78229]
An attacker can trigger a Cross Site Scripting, in order to
execute JavaScript code in the context of the web site.
[severity:2/4; KB78444]
An attacker can use HTTP OPTIONS, in order to obtain sensitive
information. [severity:2/4; KB79119]
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/McAfee-Email-Gateway-multiple-vulnerabilities-13609