----------------------------------------------------------------------

Did you know? Our assessment and impact rating along with detailed
information such as exploit code availability, or if an updated patch
is released by the vendor, is not part of this mailing-list?
        
Click here to learn more about our commercial solutions:
http://secunia.com/advisories/business_solutions/
        
Click here to trial our solutions:
http://secunia.com/advisories/try_vi/

----------------------------------------------------------------------

TITLE:
Futomi's CGI Cafe MP Form Mail CGI Security Bypass

SECUNIA ADVISORY ID:
SA34197

VERIFY ADVISORY:
http://secunia.com/advisories/34197/

DESCRIPTION:
A vulnerability has been reported in Futomi's CGI Cafe MP Form Mail
CGI, which can be exploited by malicious people to bypass certain
security restrictions.

The vulnerability is caused due to an unspecified error and can be
exploited to gain administrative access to the application. No
additional information is currently available.

The vulnerability is reported in the following editions and
versions:
- MP Form Mail CGI eCommerce version 1.3.0
- MP Form Mail CGI Professional version 3.2.2

SOLUTION:
Update to the latest version.

PROVIDED AND/OR DISCOVERED BY:
Reported via JPCERT.

ORIGINAL ADVISORY:
JVN:
http://jvn.jp/jp/JVN84899898/index.html

Futomi's CGI Cafe:
http://www.futomi.com/library/info/2009/20090310.html

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

----------------------------------------------------------------------