Insufficient verification vulnerability exists in Broadcast Mail CGI (pmc.exe) included in A.K.I Software's PMailServer/PMailServer2 products. If this vulnerability is exploited, a user who can upload files through the product may execute an arbitrary executable file with the web server's execution privilege.
History

Thu, 07 Nov 2024 17:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-434
Metrics cvssV3_1

{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: jpcert

Published: 2024-03-18T00:32:49.426Z

Updated: 2024-11-07T16:51:56.297Z

Reserved: 2023-08-29T05:55:01.606Z

Link: CVE-2023-39933

cve-icon Vulnrichment

Updated: 2024-08-02T18:18:10.072Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-03-18T01:15:48.347

Modified: 2024-11-21T08:16:04.100

Link: CVE-2023-39933

cve-icon Redhat

No data.