The host is running Merak Mail Server and is prone to script injection vulnerability. Vulnerability: Input passed via <IMG> HTML tags in emails are not properly sanitised before being displayed in the users system.

Successful exploitation could result in insertion of arbitrary HTML and script code via a specially crafted email in a user's browser session in the context of an affected site. Impact Level: Application

Upgrade to Merak Mail Server 9.4.0 http://www.icewarp.com

Merak Mail Server 9.3.2 and prior.

• http://blog.vijatov.com/index.php?itemid=11
• http://osvdb.org/50885
• http://secunia.com/advisories/32770
• http://xforce.iss.net/xforce/xfdb/47533

---

Updated on 2015-03-25