The remote host is running IMail web interface. In this version, the session is maintained via the URL. It will be disclosed in the Referer field if you receive an email with external links (e.g. images)
Upgrade to IMail 7.06 or turn off the 'ignore source address in security check' option.
- Apache HTTP Server 'mod_dav_svn' Denial of Service Vulnerability (Windows)
- httpdx Space Character Remote File Disclosure Vulnerability
- Ecava IntegraXor Multiple Cross-Site Scripting Vulnerabilities (Windows)
- Acritum Femitter Server 1.03 Multiple Remote Vulnerabilities
- Ecava IntegraXor Account Information Disclosure Vulnerability