CVE-2006-4951 Information

Description

Neon WebMail for Java before 5.08 allows remote attackers to execute arbitrary Java (JSP) code by sending an e-mail message with a JSP file attachment which is stored under the web root with a predictable filename.

Reference

http://secunia.com/advisories/22029 http://vuln.sg/neonmail506-en.html http://www.securityfocus.com/bid/20109 http://www.securityfocus.com/bid/84198 https://exchange.xforce.ibmcloud.com/vulnerabilities/29086