Full title: PinApp Mail-SeCure Access Control Failure 
Category: local exploits
Platform: multiple
Core Security Technologies Advisory - A security vulnerability was discovered in PineApp Mail-SeCure Suite, allowing a non-privileged attacker to get a root shell by sending a specially crafted command from the Mail-SeCure console. A valid user account is needed to launch the attack, so this is a privileged escalation vulnerability that can be exploited locally only. All Mail-SeCure versions prior to 3.70 are affected.

# 0day.today @ http://0day.today/