General Information

IMAP Injection

Variants:
Direct Persistent Session 

Also Known As:
MX Injection, Mail Command Injection

Vector Type:
Attack

Relevance:
Generic

Layer:
Application-Level

Platforms:
Any

Target Type:
Application

Affected Mechanisms:
Input Validation, Syntax Escaping

Invented In:
15/02/2006

Added In:
08/12/2014


Vector Operation Method:
Malicious inputs can affect the structure of IMAP requests generated in the server


Direct Variant:

IMAP Injection

Variant Title:
IMAP Injection

Typical Severity:
Medium

Learn More:


Persistent Variant:

Stored IMAP Injection

Also Known As:
Persistent IMAP Injection

Typical Severity:
Medium

Resources:

White Papers:

Learn More:


Session Variant:

IMAP Injection via Session Puzzling

Also Known As:
Session IMAP Injection

Typical Severity:
Medium

Resources:

White Papers:

Learn More: