Symantec Brightmail Anti-Spam 6.0 - Unauthorized Message Disclosure

EDB-ID:

24251




Platform:

CGI

Date:

2004-07-05


source: https://www.securityfocus.com/bid/10657/info

Symantec Brightmail anti-spam is reported prone to an unauthorized message disclosure vulnerability.

This issue exists in the Brightmail anti-spam control center. Due to improper access validation a remote attacker can read users' filtered email.

Symantec Brightmail anti-spam 6.0 is reported prone to this issue, however, other versions may be affected as well.

/brightmail/quarantine/viewMsgDetails.do?id=QMsgView-[some-value]