Vulnerabilites related to clearswift - mailsweeper
Vulnerability from fkie_nvd
Published
2004-09-28 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Clearswift MAILsweeper before 4.3.15 does not properly detect and filter RAR 3.20 encoded files, which allows remote attackers to bypass intended policy.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clearswift | mailsweeper | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09D10925-2F78-40C9-9B32-08C689D6412D",
"versionEndIncluding": "4.3.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Clearswift MAILsweeper before 4.3.15 does not properly detect and filter RAR 3.20 encoded files, which allows remote attackers to bypass intended policy."
},
{
"lang": "es",
"value": "Clearswift MAILsweepe anteriores a 4.3.15 no detecta y filtra adecuadamente ficheros codificados RAR 3.20, lo que permite a atacantes remotos saltarse la pol\u00edtica pretendida."
}
],
"id": "CVE-2003-0928",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-09-28T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109241692108678\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.corsaire.com/advisories/c030807-001.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109241692108678\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.corsaire.com/advisories/c030807-001.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-10-20 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use malformed quoting in MIME headers, parameters, and values, including (1) fields that should not be quoted, (2) duplicate quotes, or (3) missing leading or trailing quote characters, which may be interpreted differently by mail clients.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clearswift | mailsweeper | 4.3.7 | |
| clearswift | mailsweeper | 4.3.8 | |
| clearswift | mailsweeper | 4.3.10 | |
| clearswift | mailsweeper | 4.3.11 | |
| clearswift | mailsweeper | 4.3.13 | |
| clearswift | mailsweeper | 4.3.14 | |
| clearswift | mailsweeper | 4.3.15 | |
| f-secure | internet_gatekeeper | 6.3 | |
| f-secure | internet_gatekeeper | 6.4 | |
| f-secure | internet_gatekeeper | 6.31 | |
| f-secure | internet_gatekeeper | 6.32 | |
| paul_l_daniels | ripmime | 1.2.0 | |
| paul_l_daniels | ripmime | 1.2.1 | |
| paul_l_daniels | ripmime | 1.2.2 | |
| paul_l_daniels | ripmime | 1.2.3 | |
| paul_l_daniels | ripmime | 1.2.4 | |
| paul_l_daniels | ripmime | 1.2.5 | |
| paul_l_daniels | ripmime | 1.2.6 | |
| paul_l_daniels | ripmime | 1.2.7 | |
| paul_l_daniels | ripmime | 1.3.2.0 | |
| paul_l_daniels | ripmime | 1.3.2.2 | |
| paul_l_daniels | ripmime | 1.3.2.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CA12B965-672C-444D-9774-0F76FE47EA29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C9B32C-5EC9-46BD-AA77-F414A143576C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "823C27EB-C00F-4A7E-B832-013A50A1EE2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BD217379-28E7-465E-843D-E7204EE0E89F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "EB96CB8A-59F3-4624-B2BA-687ECF929B79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "04A02C12-547E-4086-A409-53AA68F1A4D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.15:*:*:*:*:*:*:*",
"matchCriteriaId": "8185FBF2-D678-4D90-A5AC-F9B06DFED95F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4F4EC2BB-A979-4C37-B8BB-086DAEEB4A6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CD53E1BC-6A92-4D7C-BE1F-FEF88F78DBD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*",
"matchCriteriaId": "AC782BFC-6BA0-4823-8A6D-F7D83F55393C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B09025-47B9-4F77-9DA6-80885E9A4EC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E021143-608B-44A2-84FB-8F8AC00A9985",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A9BB1C1-2CB2-426D-A8CE-AF5CB0B98674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC4686E-B92F-47ED-90DA-42AF650521D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "80EF73F0-1FE1-4041-9C07-A89D153DA41F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EF45C4F8-A20C-4D7D-B203-AF36FB046C63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "75222D1B-1384-4C74-A54F-BC028C5CDB69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A5129FD4-C011-4EA9-B8A1-256E95494FE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8F33D78C-9CD1-49A6-A43E-D0187600C033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6D3CF1D-64E1-47DB-8767-EF8DBF4E17AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9E725208-BA0C-41D9-BC45-84577A94AAA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A43C3DCC-3298-4D4D-9485-4A3BECB615E9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use malformed quoting in MIME headers, parameters, and values, including (1) fields that should not be quoted, (2) duplicate quotes, or (3) missing leading or trailing quote characters, which may be interpreted differently by mail clients."
},
{
"lang": "es",
"value": "M\u00faltiples productos de pasarelas de seguridad de contenidos y antivirus pueden permitir a atacantes remotos saltarse restricciones de contenido mediante mensajes MIME que usan entrecomillado malformado en cabeceras MIME, par\u00e1metros y valores, incluyendo (1) campos que no deber\u00edan ser entrecomillados, (2) comillas duplicadas, o (3) falta de caract\u00e9res al principio o al final, lo que puede ser interpretado de manera distinta por clientes de correo electr\u00f3nico."
}
],
"id": "CVE-2003-1016",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-10-20T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109521027007616\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17336"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109521027007616\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17336"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Clearswift MAILsweeper 4.0 through 4.3.7 allows remote attackers to bypass filtering via a file attachment that contains "multiple extensions combined with large blocks of white space."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clearswift | mailsweeper | 4.0 | |
| clearswift | mailsweeper | 4.1 | |
| clearswift | mailsweeper | 4.2 | |
| clearswift | mailsweeper | 4.3 | |
| clearswift | mailsweeper | 4.3.3 | |
| clearswift | mailsweeper | 4.3.4 | |
| clearswift | mailsweeper | 4.3.5 | |
| clearswift | mailsweeper | 4.3.6 | |
| clearswift | mailsweeper | 4.3.6_sp1 | |
| clearswift | mailsweeper | 4.3.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFE4FA19-F2EA-4292-A441-2E4A39366942",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA5D7FD1-D5AB-4987-801A-FA464C31298A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "772710C7-41FE-47E2-B0D7-A3C8D36C8808",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7358AD98-44C1-4CC4-BD50-CFF3822F3A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AAA1C283-E518-4BC6-BBF0-FCE09F9E0F17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5B8A74FB-07B0-42D6-ABF3-D7A073A329E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "49668AFD-4821-4D5A-BEBD-DF55A8AB58C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "57E0BFFD-D777-43A5-AEE8-765F55C86E93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.6_sp1:*:*:*:*:*:*:*",
"matchCriteriaId": "DAF9A151-6EBF-4760-A154-A34FF7C9E632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CA12B965-672C-444D-9774-0F76FE47EA29",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Clearswift MAILsweeper 4.0 through 4.3.7 allows remote attackers to bypass filtering via a file attachment that contains \"multiple extensions combined with large blocks of white space.\""
}
],
"id": "CVE-2003-1485",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.clearswift.com/download/bin/Patches/ReadMe_SMTP_438.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/7568"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.clearswift.com/download/bin/Patches/ReadMe_SMTP_438.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/7568"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-10-20 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use RFC2231 encoding, which may be interpreted differently by mail clients.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clearswift | mailsweeper | 4.3.7 | |
| clearswift | mailsweeper | 4.3.8 | |
| clearswift | mailsweeper | 4.3.10 | |
| clearswift | mailsweeper | 4.3.11 | |
| clearswift | mailsweeper | 4.3.13 | |
| clearswift | mailsweeper | 4.3.14 | |
| clearswift | mailsweeper | 4.3.15 | |
| f-secure | internet_gatekeeper | 6.3 | |
| f-secure | internet_gatekeeper | 6.4 | |
| f-secure | internet_gatekeeper | 6.31 | |
| f-secure | internet_gatekeeper | 6.32 | |
| paul_l_daniels | ripmime | 1.2.0 | |
| paul_l_daniels | ripmime | 1.2.1 | |
| paul_l_daniels | ripmime | 1.2.2 | |
| paul_l_daniels | ripmime | 1.2.3 | |
| paul_l_daniels | ripmime | 1.2.4 | |
| paul_l_daniels | ripmime | 1.2.5 | |
| paul_l_daniels | ripmime | 1.2.6 | |
| paul_l_daniels | ripmime | 1.2.7 | |
| paul_l_daniels | ripmime | 1.3.2.0 | |
| paul_l_daniels | ripmime | 1.3.2.2 | |
| paul_l_daniels | ripmime | 1.3.2.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CA12B965-672C-444D-9774-0F76FE47EA29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C9B32C-5EC9-46BD-AA77-F414A143576C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "823C27EB-C00F-4A7E-B832-013A50A1EE2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BD217379-28E7-465E-843D-E7204EE0E89F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "EB96CB8A-59F3-4624-B2BA-687ECF929B79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "04A02C12-547E-4086-A409-53AA68F1A4D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.15:*:*:*:*:*:*:*",
"matchCriteriaId": "8185FBF2-D678-4D90-A5AC-F9B06DFED95F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4F4EC2BB-A979-4C37-B8BB-086DAEEB4A6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CD53E1BC-6A92-4D7C-BE1F-FEF88F78DBD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*",
"matchCriteriaId": "AC782BFC-6BA0-4823-8A6D-F7D83F55393C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B09025-47B9-4F77-9DA6-80885E9A4EC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E021143-608B-44A2-84FB-8F8AC00A9985",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A9BB1C1-2CB2-426D-A8CE-AF5CB0B98674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC4686E-B92F-47ED-90DA-42AF650521D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "80EF73F0-1FE1-4041-9C07-A89D153DA41F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EF45C4F8-A20C-4D7D-B203-AF36FB046C63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "75222D1B-1384-4C74-A54F-BC028C5CDB69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A5129FD4-C011-4EA9-B8A1-256E95494FE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8F33D78C-9CD1-49A6-A43E-D0187600C033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6D3CF1D-64E1-47DB-8767-EF8DBF4E17AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9E725208-BA0C-41D9-BC45-84577A94AAA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A43C3DCC-3298-4D4D-9485-4A3BECB615E9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use RFC2231 encoding, which may be interpreted differently by mail clients."
},
{
"lang": "es",
"value": "M\u00faltiples productos de pasarelas de seguridad de contenidos y antivirus pueden permitir a atacantes remotos saltarse restricciones de contenido mediante mensajes MIME que usan codificicaci\u00f3n RFC2231, lo que puede ser interpretado de forma variable por clientes de correo."
}
],
"id": "CVE-2004-0161",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-10-20T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109524928232568\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9274"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109524928232568\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9274"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-10-20 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard but frequently supported Content-Transfer-Encoding values such as (1) uuencode, (2) mac-binhex40, and (3) yenc, which may be interpreted differently by mail clients.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clearswift | mailsweeper | 4.3.7 | |
| clearswift | mailsweeper | 4.3.8 | |
| clearswift | mailsweeper | 4.3.10 | |
| clearswift | mailsweeper | 4.3.11 | |
| clearswift | mailsweeper | 4.3.13 | |
| clearswift | mailsweeper | 4.3.14 | |
| clearswift | mailsweeper | 4.3.15 | |
| f-secure | internet_gatekeeper | 6.3 | |
| f-secure | internet_gatekeeper | 6.4 | |
| f-secure | internet_gatekeeper | 6.31 | |
| f-secure | internet_gatekeeper | 6.32 | |
| paul_l_daniels | ripmime | 1.2.0 | |
| paul_l_daniels | ripmime | 1.2.1 | |
| paul_l_daniels | ripmime | 1.2.2 | |
| paul_l_daniels | ripmime | 1.2.3 | |
| paul_l_daniels | ripmime | 1.2.4 | |
| paul_l_daniels | ripmime | 1.2.5 | |
| paul_l_daniels | ripmime | 1.2.6 | |
| paul_l_daniels | ripmime | 1.2.7 | |
| paul_l_daniels | ripmime | 1.3.2.0 | |
| paul_l_daniels | ripmime | 1.3.2.2 | |
| paul_l_daniels | ripmime | 1.3.2.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CA12B965-672C-444D-9774-0F76FE47EA29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C9B32C-5EC9-46BD-AA77-F414A143576C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "823C27EB-C00F-4A7E-B832-013A50A1EE2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BD217379-28E7-465E-843D-E7204EE0E89F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "EB96CB8A-59F3-4624-B2BA-687ECF929B79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "04A02C12-547E-4086-A409-53AA68F1A4D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.15:*:*:*:*:*:*:*",
"matchCriteriaId": "8185FBF2-D678-4D90-A5AC-F9B06DFED95F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4F4EC2BB-A979-4C37-B8BB-086DAEEB4A6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CD53E1BC-6A92-4D7C-BE1F-FEF88F78DBD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*",
"matchCriteriaId": "AC782BFC-6BA0-4823-8A6D-F7D83F55393C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B09025-47B9-4F77-9DA6-80885E9A4EC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E021143-608B-44A2-84FB-8F8AC00A9985",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A9BB1C1-2CB2-426D-A8CE-AF5CB0B98674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC4686E-B92F-47ED-90DA-42AF650521D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "80EF73F0-1FE1-4041-9C07-A89D153DA41F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EF45C4F8-A20C-4D7D-B203-AF36FB046C63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "75222D1B-1384-4C74-A54F-BC028C5CDB69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A5129FD4-C011-4EA9-B8A1-256E95494FE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8F33D78C-9CD1-49A6-A43E-D0187600C033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6D3CF1D-64E1-47DB-8767-EF8DBF4E17AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9E725208-BA0C-41D9-BC45-84577A94AAA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A43C3DCC-3298-4D4D-9485-4A3BECB615E9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard but frequently supported Content-Transfer-Encoding values such as (1) uuencode, (2) mac-binhex40, and (3) yenc, which may be interpreted differently by mail clients."
},
{
"lang": "es",
"value": "M\u00faltiples productos de pasarelas de seguridad de contenidos y antivirus pueden permitir a atacantes remotos saltarse restricciones de contenido mediante mensajes MIME que usan valores Content-Transfer-Encoding no est\u00e1ndar pero ampliamente soportados, como (1) uuencode, (2) mac-binhex40, y (3) yenc, lo que puede ser interpretado de manera distinta por clientes de correo."
}
],
"id": "CVE-2004-0051",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-10-20T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109517788100063\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17337"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109517788100063\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17337"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-03-18 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Clearswift MAILsweeper 4.x allows remote attackers to bypass attachment detection via an attachment that does not specify a MIME-Version header field, which is processed by some mail clients.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clearswift | mailsweeper | 4.0 | |
| clearswift | mailsweeper | 4.1 | |
| clearswift | mailsweeper | 4.2 | |
| clearswift | mailsweeper | 4.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFE4FA19-F2EA-4292-A441-2E4A39366942",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA5D7FD1-D5AB-4987-801A-FA464C31298A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "772710C7-41FE-47E2-B0D7-A3C8D36C8808",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7358AD98-44C1-4CC4-BD50-CFF3822F3A96",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Clearswift MAILsweeper 4.x allows remote attackers to bypass attachment detection via an attachment that does not specify a MIME-Version header field, which is processed by some mail clients."
},
{
"lang": "es",
"value": "Clearswift MAIL sweeper 4.x permite a atacantes remotos evitar la detecci\u00f3n de adjuntos mediante un adjunto que no especifica un campo de cabecera MIME-Version, y que es procesado por algunos clientes de correo."
}
],
"id": "CVE-2003-0121",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-03-18T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=104716030503607\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/316311"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/7044"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=104716030503607\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/316311"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/7044"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-08-18 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFE4FA19-F2EA-4292-A441-2E4A39366942",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA5D7FD1-D5AB-4987-801A-FA464C31298A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "772710C7-41FE-47E2-B0D7-A3C8D36C8808",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7358AD98-44C1-4CC4-BD50-CFF3822F3A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AAA1C283-E518-4BC6-BBF0-FCE09F9E0F17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5B8A74FB-07B0-42D6-ABF3-D7A073A329E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "49668AFD-4821-4D5A-BEBD-DF55A8AB58C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "57E0BFFD-D777-43A5-AEE8-765F55C86E93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.6_sp1:*:*:*:*:*:*:*",
"matchCriteriaId": "DAF9A151-6EBF-4760-A154-A34FF7C9E632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CA12B965-672C-444D-9774-0F76FE47EA29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C9B32C-5EC9-46BD-AA77-F414A143576C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "823C27EB-C00F-4A7E-B832-013A50A1EE2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BD217379-28E7-465E-843D-E7204EE0E89F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "EB96CB8A-59F3-4624-B2BA-687ECF929B79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "6CC9AA17-3EF4-4BC5-9E29-5A6525B9AC51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "A9C60C23-FC4D-4D14-B3E3-ECD797888AB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_workstations:*:*:*:*:*",
"matchCriteriaId": "D04E2381-68CB-455F-8878-17C8E4112C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "4AE00A20-8152-48D9-9AC4-EA359284E635",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "6B334073-9FF3-4F75-8702-51DB6937B7F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_workstations:*:*:*:*:*",
"matchCriteriaId": "2D553EF0-6A08-4DD0-A301-99AADAFBFFBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.60:*:samba_servers:*:*:*:*:*",
"matchCriteriaId": "C8C41338-0651-425E-A823-C8CBD91977D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:client_security:*:*:*:*:*",
"matchCriteriaId": "46F72328-7B69-4A1B-A065-E65544F27A75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "2BA28970-0DB9-433E-83A1-36BF05DB062A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "C0D25A1D-2B31-4B29-96FE-A793F8244F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:workstations:*:*:*:*:*",
"matchCriteriaId": "AC90ADFD-32FE-4EA1-9583-5EFE585152CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "B490FC59-616A-4F90-95D8-50F9C0D6CB40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "858468E0-4208-4703-A3AA-4BF6CC254DDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:workstations:*:*:*:*:*",
"matchCriteriaId": "4E26052D-35B8-44E7-8F66-442BA55F4483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:client_security:*:*:*:*:*",
"matchCriteriaId": "CBA4A9B7-626A-4539-852F-96C49D860E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.21:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "19828867-7079-4233-A3B8-BF7A3052FB8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "831F0C4D-C85F-46DA-BC9E-D3F56DE2B085",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "7F996B07-8B07-42A6-86FC-B5B55F708861",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_for_firewalls:6.20:*:*:*:*:*:*:*",
"matchCriteriaId": "119D5A71-E7C2-4603-9D78-A161D82BC2D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "6689D4E1-F8DC-46D9-BA35-4E4AE9C28456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "0429B86A-F228-44E8-ABBB-D57BEE3679F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "72DE7015-C1FF-4803-8B28-5AF5ECC3AAB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D04F7296-3290-40D1-9CFB-E52FADAE5719",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B9A0DDB6-4B86-430E-879A-C835DBB96C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*",
"matchCriteriaId": "AC782BFC-6BA0-4823-8A6D-F7D83F55393C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B09025-47B9-4F77-9DA6-80885E9A4EC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rarlab:winrar:3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "C1011521-AEF2-40EB-B671-66B20FF01CC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:lha:1.14i-9:*:i386:*:*:*:*:*",
"matchCriteriaId": "EB59539A-8973-45C8-A553-1B524DA43937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stalker:cgpmcafee:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FC4CB399-2E2F-4A73-BA41-3EFB0DBDC404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tsugio_okamoto:lha:1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "081C75A4-FDB1-4941-8276-985570632A82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tsugio_okamoto:lha:1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "A623BD1B-DB9A-4545-9970-E3492AA39A33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tsugio_okamoto:lha:1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8984B914-9850-405C-AAE6-A7C266F13BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winzip:winzip:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "523ADB29-C3D5-4C06-89B6-22B5FC68C240",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer basados en la pila en la funci\u00f3n get_header de header.c de LHA 1.14 utilizado en productos como Barracuda Spam Firewall, permite a atacantes remotos o a usuarios locales ejecutar c\u00f3digo arbitrario mediante nombres de fichero o de directorio largos en un archivo LHA, lo que dispara el desbordamiento cuando se prueba o se extrae un fichero."
}
],
"id": "CVE-2004-0234",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-08-18T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2006-04/0059.html"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
},
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020778.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19514"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015866"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2004/dsa-515"
},
{
"source": "cve@mitre.org",
"url": "http://www.guay-leroux.com/projects/barracuda-advisory-LHA.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/5753"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/5754"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10243"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/1220"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16012"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A977"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9881"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2006-04/0059.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020778.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19514"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015866"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2004/dsa-515"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.guay-leroux.com/projects/barracuda-advisory-LHA.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/5753"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/5754"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10243"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/1220"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A977"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9881"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-09-28 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Clearswift MAILsweeper before 4.3.15 does not properly detect filenames in BinHex (HQX) encoded files, which allows remote attackers to bypass intended policy.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clearswift | mailsweeper | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09D10925-2F78-40C9-9B32-08C689D6412D",
"versionEndIncluding": "4.3.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Clearswift MAILsweeper before 4.3.15 does not properly detect filenames in BinHex (HQX) encoded files, which allows remote attackers to bypass intended policy."
},
{
"lang": "es",
"value": "Clearswift MAILsweeper anteriores a 4.3.15 no detecta nombres de fichero en ficheros codificados BinHex (HQX), lo que permite a atacantes remotos sortear la pol\u00edtica pretendida."
}
],
"id": "CVE-2003-0930",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-09-28T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109241692108678\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.corsaire.com/advisories/c030807-001.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109241692108678\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.corsaire.com/advisories/c030807-001.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Clearswift MAILsweeper for SMTP before 4.3_13 allows remote attackers to cause a denial of service (infinite loop) via an e-mail with a crafted RAR archive attached.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clearswift | mailsweeper | 4.0 | |
| clearswift | mailsweeper | 4.1 | |
| clearswift | mailsweeper | 4.2 | |
| clearswift | mailsweeper | 4.3 | |
| clearswift | mailsweeper | 4.3.3 | |
| clearswift | mailsweeper | 4.3.4 | |
| clearswift | mailsweeper | 4.3.5 | |
| clearswift | mailsweeper | 4.3.6 | |
| clearswift | mailsweeper | 4.3.6_sp1 | |
| clearswift | mailsweeper | 4.3.7 | |
| clearswift | mailsweeper | 4.3.8 | |
| clearswift | mailsweeper | 4.3.10 | |
| clearswift | mailsweeper | 4.3.11 | |
| clearswift | mailsweeper | 4.3.13 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFE4FA19-F2EA-4292-A441-2E4A39366942",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA5D7FD1-D5AB-4987-801A-FA464C31298A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "772710C7-41FE-47E2-B0D7-A3C8D36C8808",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7358AD98-44C1-4CC4-BD50-CFF3822F3A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AAA1C283-E518-4BC6-BBF0-FCE09F9E0F17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5B8A74FB-07B0-42D6-ABF3-D7A073A329E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "49668AFD-4821-4D5A-BEBD-DF55A8AB58C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "57E0BFFD-D777-43A5-AEE8-765F55C86E93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.6_sp1:*:*:*:*:*:*:*",
"matchCriteriaId": "DAF9A151-6EBF-4760-A154-A34FF7C9E632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CA12B965-672C-444D-9774-0F76FE47EA29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C9B32C-5EC9-46BD-AA77-F414A143576C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "823C27EB-C00F-4A7E-B832-013A50A1EE2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BD217379-28E7-465E-843D-E7204EE0E89F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "EB96CB8A-59F3-4624-B2BA-687ECF929B79",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Clearswift MAILsweeper for SMTP before 4.3_13 allows remote attackers to cause a denial of service (infinite loop) via an e-mail with a crafted RAR archive attached."
}
],
"id": "CVE-2004-2328",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/3742"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.secunia.com/advisories/10732/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/9556"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14979"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/3742"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.secunia.com/advisories/10732/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/9556"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14979"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
MAILsweeper for SMTP 4.3 allows remote attackers to bypass virus protection via a mail message with a malformed zip attachment, as exploited by certain MIMAIL virus variants.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clearswift | mailsweeper | 4.0 | |
| clearswift | mailsweeper | 4.1 | |
| clearswift | mailsweeper | 4.2 | |
| clearswift | mailsweeper | 4.3 | |
| clearswift | mailsweeper | 4.3.3 | |
| clearswift | mailsweeper | 4.3.4 | |
| clearswift | mailsweeper | 4.3.5 | |
| clearswift | mailsweeper | 4.3.6 | |
| clearswift | mailsweeper | 4.3.6_sp1 | |
| clearswift | mailsweeper | 4.3.7 | |
| clearswift | mailsweeper | 4.3.8 | |
| clearswift | mailsweeper | 4.3.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFE4FA19-F2EA-4292-A441-2E4A39366942",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA5D7FD1-D5AB-4987-801A-FA464C31298A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "772710C7-41FE-47E2-B0D7-A3C8D36C8808",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7358AD98-44C1-4CC4-BD50-CFF3822F3A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AAA1C283-E518-4BC6-BBF0-FCE09F9E0F17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5B8A74FB-07B0-42D6-ABF3-D7A073A329E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "49668AFD-4821-4D5A-BEBD-DF55A8AB58C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "57E0BFFD-D777-43A5-AEE8-765F55C86E93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.6_sp1:*:*:*:*:*:*:*",
"matchCriteriaId": "DAF9A151-6EBF-4760-A154-A34FF7C9E632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CA12B965-672C-444D-9774-0F76FE47EA29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C9B32C-5EC9-46BD-AA77-F414A143576C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "823C27EB-C00F-4A7E-B832-013A50A1EE2D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "MAILsweeper for SMTP 4.3 allows remote attackers to bypass virus protection via a mail message with a malformed zip attachment, as exploited by certain MIMAIL virus variants."
}
],
"id": "CVE-2003-1154",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://secunia.com/advisories/10148"
},
{
"source": "cve@mitre.org",
"url": "http://www.computerworld.co.nz/cw.nsf/0/BF9E8E6E2D313E5FCC256DD70016473F?OpenDocument\u0026More="
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/2772"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/8982"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13611"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://secunia.com/advisories/10148"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.computerworld.co.nz/cw.nsf/0/BF9E8E6E2D313E5FCC256DD70016473F?OpenDocument\u0026More="
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/2772"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/8982"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13611"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-08-18 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path").
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFE4FA19-F2EA-4292-A441-2E4A39366942",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA5D7FD1-D5AB-4987-801A-FA464C31298A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "772710C7-41FE-47E2-B0D7-A3C8D36C8808",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7358AD98-44C1-4CC4-BD50-CFF3822F3A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AAA1C283-E518-4BC6-BBF0-FCE09F9E0F17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5B8A74FB-07B0-42D6-ABF3-D7A073A329E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "49668AFD-4821-4D5A-BEBD-DF55A8AB58C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "57E0BFFD-D777-43A5-AEE8-765F55C86E93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.6_sp1:*:*:*:*:*:*:*",
"matchCriteriaId": "DAF9A151-6EBF-4760-A154-A34FF7C9E632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CA12B965-672C-444D-9774-0F76FE47EA29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C9B32C-5EC9-46BD-AA77-F414A143576C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "823C27EB-C00F-4A7E-B832-013A50A1EE2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BD217379-28E7-465E-843D-E7204EE0E89F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "EB96CB8A-59F3-4624-B2BA-687ECF929B79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "6CC9AA17-3EF4-4BC5-9E29-5A6525B9AC51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "A9C60C23-FC4D-4D14-B3E3-ECD797888AB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_workstations:*:*:*:*:*",
"matchCriteriaId": "D04E2381-68CB-455F-8878-17C8E4112C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "4AE00A20-8152-48D9-9AC4-EA359284E635",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "6B334073-9FF3-4F75-8702-51DB6937B7F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_workstations:*:*:*:*:*",
"matchCriteriaId": "2D553EF0-6A08-4DD0-A301-99AADAFBFFBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.60:*:samba_servers:*:*:*:*:*",
"matchCriteriaId": "C8C41338-0651-425E-A823-C8CBD91977D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:client_security:*:*:*:*:*",
"matchCriteriaId": "46F72328-7B69-4A1B-A065-E65544F27A75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "2BA28970-0DB9-433E-83A1-36BF05DB062A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "C0D25A1D-2B31-4B29-96FE-A793F8244F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:workstations:*:*:*:*:*",
"matchCriteriaId": "AC90ADFD-32FE-4EA1-9583-5EFE585152CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "B490FC59-616A-4F90-95D8-50F9C0D6CB40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "858468E0-4208-4703-A3AA-4BF6CC254DDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:workstations:*:*:*:*:*",
"matchCriteriaId": "4E26052D-35B8-44E7-8F66-442BA55F4483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:client_security:*:*:*:*:*",
"matchCriteriaId": "CBA4A9B7-626A-4539-852F-96C49D860E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.21:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "19828867-7079-4233-A3B8-BF7A3052FB8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "831F0C4D-C85F-46DA-BC9E-D3F56DE2B085",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "7F996B07-8B07-42A6-86FC-B5B55F708861",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_for_firewalls:6.20:*:*:*:*:*:*:*",
"matchCriteriaId": "119D5A71-E7C2-4603-9D78-A161D82BC2D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "6689D4E1-F8DC-46D9-BA35-4E4AE9C28456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "0429B86A-F228-44E8-ABBB-D57BEE3679F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "72DE7015-C1FF-4803-8B28-5AF5ECC3AAB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D04F7296-3290-40D1-9CFB-E52FADAE5719",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B9A0DDB6-4B86-430E-879A-C835DBB96C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*",
"matchCriteriaId": "AC782BFC-6BA0-4823-8A6D-F7D83F55393C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B09025-47B9-4F77-9DA6-80885E9A4EC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rarlab:winrar:3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "C1011521-AEF2-40EB-B671-66B20FF01CC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:lha:1.14i-9:*:i386:*:*:*:*:*",
"matchCriteriaId": "EB59539A-8973-45C8-A553-1B524DA43937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stalker:cgpmcafee:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FC4CB399-2E2F-4A73-BA41-3EFB0DBDC404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tsugio_okamoto:lha:1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "081C75A4-FDB1-4941-8276-985570632A82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tsugio_okamoto:lha:1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "A623BD1B-DB9A-4545-9970-E3492AA39A33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tsugio_okamoto:lha:1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8984B914-9850-405C-AAE6-A7C266F13BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winzip:winzip:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "523ADB29-C3D5-4C06-89B6-22B5FC68C240",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes (\"//absolute/path\")."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de atravesamiento de directorios en LHA 1.14 permite a atacantes locales o usuarios locales crear ficheros arbitrarios mediante un archivo LHA conteniendo nombres de fichero con secuencias (1) \"..\" (punto punto) o (2) rutas absolutas con barra inicial doble (\"//ruta/absoluta\")."
}
],
"id": "CVE-2004-0235",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-08-18T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
},
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2004/dsa-515"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10243"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16013"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10409"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A978"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2004/dsa-515"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10243"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16013"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10409"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A978"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-10-20 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use multiple MIME fields with the same name, which may be interpreted differently by mail clients.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clearswift | mailsweeper | 4.3.7 | |
| clearswift | mailsweeper | 4.3.8 | |
| clearswift | mailsweeper | 4.3.10 | |
| clearswift | mailsweeper | 4.3.11 | |
| clearswift | mailsweeper | 4.3.13 | |
| clearswift | mailsweeper | 4.3.14 | |
| clearswift | mailsweeper | 4.3.15 | |
| f-secure | internet_gatekeeper | 6.3 | |
| f-secure | internet_gatekeeper | 6.4 | |
| f-secure | internet_gatekeeper | 6.31 | |
| f-secure | internet_gatekeeper | 6.32 | |
| paul_l_daniels | ripmime | 1.2.0 | |
| paul_l_daniels | ripmime | 1.2.1 | |
| paul_l_daniels | ripmime | 1.2.2 | |
| paul_l_daniels | ripmime | 1.2.3 | |
| paul_l_daniels | ripmime | 1.2.4 | |
| paul_l_daniels | ripmime | 1.2.5 | |
| paul_l_daniels | ripmime | 1.2.6 | |
| paul_l_daniels | ripmime | 1.2.7 | |
| paul_l_daniels | ripmime | 1.3.2.0 | |
| paul_l_daniels | ripmime | 1.3.2.2 | |
| paul_l_daniels | ripmime | 1.3.2.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CA12B965-672C-444D-9774-0F76FE47EA29",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C9B32C-5EC9-46BD-AA77-F414A143576C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "823C27EB-C00F-4A7E-B832-013A50A1EE2D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BD217379-28E7-465E-843D-E7204EE0E89F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "EB96CB8A-59F3-4624-B2BA-687ECF929B79",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "04A02C12-547E-4086-A409-53AA68F1A4D5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.15:*:*:*:*:*:*:*",
"matchCriteriaId": "8185FBF2-D678-4D90-A5AC-F9B06DFED95F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4F4EC2BB-A979-4C37-B8BB-086DAEEB4A6A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CD53E1BC-6A92-4D7C-BE1F-FEF88F78DBD4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*",
"matchCriteriaId": "AC782BFC-6BA0-4823-8A6D-F7D83F55393C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B09025-47B9-4F77-9DA6-80885E9A4EC4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E021143-608B-44A2-84FB-8F8AC00A9985",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A9BB1C1-2CB2-426D-A8CE-AF5CB0B98674",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC4686E-B92F-47ED-90DA-42AF650521D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "80EF73F0-1FE1-4041-9C07-A89D153DA41F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EF45C4F8-A20C-4D7D-B203-AF36FB046C63",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "75222D1B-1384-4C74-A54F-BC028C5CDB69",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A5129FD4-C011-4EA9-B8A1-256E95494FE6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8F33D78C-9CD1-49A6-A43E-D0187600C033",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6D3CF1D-64E1-47DB-8767-EF8DBF4E17AE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9E725208-BA0C-41D9-BC45-84577A94AAA1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A43C3DCC-3298-4D4D-9485-4A3BECB615E9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use multiple MIME fields with the same name, which may be interpreted differently by mail clients."
},
{
"lang": "es",
"value": "M\u00faltiples pasarelas de seguridad de contenidos y antivirus pueden permitir a atacantes remotos saltarse restricciones de contenido mediante mensajes MIME que usan m\u00faltiples campos MIME con el mismo nombre, lo que puede ser interpretado de manera distinta por clientes de correo."
}
],
"id": "CVE-2003-1014",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-10-20T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109517732328759\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17333"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109517732328759\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17333"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-10-20 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard separator characters, or use standard separators incorrectly, within MIME headers, fields, parameters, or values, which may be interpreted differently by mail clients.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clearswift | mailsweeper | 4.3.7 | |
| clearswift | mailsweeper | 4.3.8 | |
| clearswift | mailsweeper | 4.3.10 | |
| clearswift | mailsweeper | 4.3.11 | |
| clearswift | mailsweeper | 4.3.13 | |
| clearswift | mailsweeper | 4.3.14 | |
| clearswift | mailsweeper | 4.3.15 | |
| f-secure | internet_gatekeeper | 6.3 | |
| f-secure | internet_gatekeeper | 6.4 | |
| f-secure | internet_gatekeeper | 6.31 | |
| f-secure | internet_gatekeeper | 6.32 | |
| paul_l_daniels | ripmime | 1.2.0 | |
| paul_l_daniels | ripmime | 1.2.1 | |
| paul_l_daniels | ripmime | 1.2.2 | |
| paul_l_daniels | ripmime | 1.2.3 | |
| paul_l_daniels | ripmime | 1.2.4 | |
| paul_l_daniels | ripmime | 1.2.5 | |
| paul_l_daniels | ripmime | 1.2.6 | |
| paul_l_daniels | ripmime | 1.2.7 | |
| paul_l_daniels | ripmime | 1.3.2.0 | |
| paul_l_daniels | ripmime | 1.3.2.2 | |
| paul_l_daniels | ripmime | 1.3.2.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CA12B965-672C-444D-9774-0F76FE47EA29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C9B32C-5EC9-46BD-AA77-F414A143576C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "823C27EB-C00F-4A7E-B832-013A50A1EE2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BD217379-28E7-465E-843D-E7204EE0E89F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "EB96CB8A-59F3-4624-B2BA-687ECF929B79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "04A02C12-547E-4086-A409-53AA68F1A4D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.15:*:*:*:*:*:*:*",
"matchCriteriaId": "8185FBF2-D678-4D90-A5AC-F9B06DFED95F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4F4EC2BB-A979-4C37-B8BB-086DAEEB4A6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CD53E1BC-6A92-4D7C-BE1F-FEF88F78DBD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*",
"matchCriteriaId": "AC782BFC-6BA0-4823-8A6D-F7D83F55393C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B09025-47B9-4F77-9DA6-80885E9A4EC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E021143-608B-44A2-84FB-8F8AC00A9985",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A9BB1C1-2CB2-426D-A8CE-AF5CB0B98674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC4686E-B92F-47ED-90DA-42AF650521D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "80EF73F0-1FE1-4041-9C07-A89D153DA41F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EF45C4F8-A20C-4D7D-B203-AF36FB046C63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "75222D1B-1384-4C74-A54F-BC028C5CDB69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A5129FD4-C011-4EA9-B8A1-256E95494FE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8F33D78C-9CD1-49A6-A43E-D0187600C033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6D3CF1D-64E1-47DB-8767-EF8DBF4E17AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9E725208-BA0C-41D9-BC45-84577A94AAA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A43C3DCC-3298-4D4D-9485-4A3BECB615E9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard separator characters, or use standard separators incorrectly, within MIME headers, fields, parameters, or values, which may be interpreted differently by mail clients."
},
{
"lang": "es",
"value": "M\u00faltiples productos de pasarelas de seguridad de contenidos y antivirus pueden permitir a atacantes remotos saltarse restricciones de contenido mediante mensajes MIME que usan caract\u00e9res de separaci\u00f3n no est\u00e1ndar, o usan separadores est\u00e1ndar de manera incorrecta, dentro de cabeceras, campos, par\u00e1metros o valores MIME, lo que puede ser interpretado de manera diferente por clientes de correo."
}
],
"id": "CVE-2004-0052",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-10-20T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109517669115891\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17334"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109517669115891\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17334"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-10-20 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use fields that use RFC2047 encoding, which may be interpreted differently by mail clients.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clearswift | mailsweeper | 4.3.7 | |
| clearswift | mailsweeper | 4.3.8 | |
| clearswift | mailsweeper | 4.3.10 | |
| clearswift | mailsweeper | 4.3.11 | |
| clearswift | mailsweeper | 4.3.13 | |
| clearswift | mailsweeper | 4.3.14 | |
| clearswift | mailsweeper | 4.3.15 | |
| f-secure | internet_gatekeeper | 6.3 | |
| f-secure | internet_gatekeeper | 6.4 | |
| f-secure | internet_gatekeeper | 6.31 | |
| f-secure | internet_gatekeeper | 6.32 | |
| paul_l_daniels | ripmime | 1.2.0 | |
| paul_l_daniels | ripmime | 1.2.1 | |
| paul_l_daniels | ripmime | 1.2.2 | |
| paul_l_daniels | ripmime | 1.2.3 | |
| paul_l_daniels | ripmime | 1.2.4 | |
| paul_l_daniels | ripmime | 1.2.5 | |
| paul_l_daniels | ripmime | 1.2.6 | |
| paul_l_daniels | ripmime | 1.2.7 | |
| paul_l_daniels | ripmime | 1.3.2.0 | |
| paul_l_daniels | ripmime | 1.3.2.2 | |
| paul_l_daniels | ripmime | 1.3.2.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CA12B965-672C-444D-9774-0F76FE47EA29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C9B32C-5EC9-46BD-AA77-F414A143576C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "823C27EB-C00F-4A7E-B832-013A50A1EE2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BD217379-28E7-465E-843D-E7204EE0E89F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "EB96CB8A-59F3-4624-B2BA-687ECF929B79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "04A02C12-547E-4086-A409-53AA68F1A4D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.15:*:*:*:*:*:*:*",
"matchCriteriaId": "8185FBF2-D678-4D90-A5AC-F9B06DFED95F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4F4EC2BB-A979-4C37-B8BB-086DAEEB4A6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CD53E1BC-6A92-4D7C-BE1F-FEF88F78DBD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*",
"matchCriteriaId": "AC782BFC-6BA0-4823-8A6D-F7D83F55393C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B09025-47B9-4F77-9DA6-80885E9A4EC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E021143-608B-44A2-84FB-8F8AC00A9985",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A9BB1C1-2CB2-426D-A8CE-AF5CB0B98674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC4686E-B92F-47ED-90DA-42AF650521D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "80EF73F0-1FE1-4041-9C07-A89D153DA41F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EF45C4F8-A20C-4D7D-B203-AF36FB046C63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "75222D1B-1384-4C74-A54F-BC028C5CDB69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A5129FD4-C011-4EA9-B8A1-256E95494FE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8F33D78C-9CD1-49A6-A43E-D0187600C033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6D3CF1D-64E1-47DB-8767-EF8DBF4E17AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9E725208-BA0C-41D9-BC45-84577A94AAA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A43C3DCC-3298-4D4D-9485-4A3BECB615E9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use fields that use RFC2047 encoding, which may be interpreted differently by mail clients."
},
{
"lang": "es",
"value": "M\u00faltiples productos de pasarelas de seguridad de contenidos y antivirus pueden permitir a atacantes remotos saltarse restricciones de contenido mediante mensajes MIME que usan campos con codificaci\u00f3n RFC2047, lo que puede ser interpretado de manera diferente por clientes de correo."
}
],
"id": "CVE-2004-0053",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-10-20T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109520704408739\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17331"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109520704408739\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17331"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-10-20 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME encapsulation that uses RFC822 comment fields, which may be interpreted as other fields by mail clients.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clearswift | mailsweeper | 4.3.7 | |
| clearswift | mailsweeper | 4.3.8 | |
| clearswift | mailsweeper | 4.3.10 | |
| clearswift | mailsweeper | 4.3.11 | |
| clearswift | mailsweeper | 4.3.13 | |
| clearswift | mailsweeper | 4.3.14 | |
| clearswift | mailsweeper | 4.3.15 | |
| f-secure | internet_gatekeeper | 6.3 | |
| f-secure | internet_gatekeeper | 6.4 | |
| f-secure | internet_gatekeeper | 6.31 | |
| f-secure | internet_gatekeeper | 6.32 | |
| paul_l_daniels | ripmime | 1.2.0 | |
| paul_l_daniels | ripmime | 1.2.1 | |
| paul_l_daniels | ripmime | 1.2.2 | |
| paul_l_daniels | ripmime | 1.2.3 | |
| paul_l_daniels | ripmime | 1.2.4 | |
| paul_l_daniels | ripmime | 1.2.5 | |
| paul_l_daniels | ripmime | 1.2.6 | |
| paul_l_daniels | ripmime | 1.2.7 | |
| paul_l_daniels | ripmime | 1.3.2.0 | |
| paul_l_daniels | ripmime | 1.3.2.2 | |
| paul_l_daniels | ripmime | 1.3.2.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CA12B965-672C-444D-9774-0F76FE47EA29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C9B32C-5EC9-46BD-AA77-F414A143576C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "823C27EB-C00F-4A7E-B832-013A50A1EE2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BD217379-28E7-465E-843D-E7204EE0E89F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "EB96CB8A-59F3-4624-B2BA-687ECF929B79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "04A02C12-547E-4086-A409-53AA68F1A4D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.15:*:*:*:*:*:*:*",
"matchCriteriaId": "8185FBF2-D678-4D90-A5AC-F9B06DFED95F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4F4EC2BB-A979-4C37-B8BB-086DAEEB4A6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CD53E1BC-6A92-4D7C-BE1F-FEF88F78DBD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*",
"matchCriteriaId": "AC782BFC-6BA0-4823-8A6D-F7D83F55393C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B09025-47B9-4F77-9DA6-80885E9A4EC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E021143-608B-44A2-84FB-8F8AC00A9985",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A9BB1C1-2CB2-426D-A8CE-AF5CB0B98674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC4686E-B92F-47ED-90DA-42AF650521D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "80EF73F0-1FE1-4041-9C07-A89D153DA41F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EF45C4F8-A20C-4D7D-B203-AF36FB046C63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "75222D1B-1384-4C74-A54F-BC028C5CDB69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A5129FD4-C011-4EA9-B8A1-256E95494FE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8F33D78C-9CD1-49A6-A43E-D0187600C033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6D3CF1D-64E1-47DB-8767-EF8DBF4E17AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9E725208-BA0C-41D9-BC45-84577A94AAA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A43C3DCC-3298-4D4D-9485-4A3BECB615E9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME encapsulation that uses RFC822 comment fields, which may be interpreted as other fields by mail clients."
},
{
"lang": "es",
"value": "M\u00faltiples productos de pasarelas de seguridad de contenidos y antivirus pueden permitir a atacantes remotos saltarse restricciones de contenido mediante encapsulaci\u00f3n MIME que usa campos de comentarios RFC822, lo que puede ser interpretado como otros campos por clientes de correo."
}
],
"id": "CVE-2004-0162",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-10-20T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109517563513776\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17332"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109517563513776\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17332"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-09-28 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Clearswift MAILsweeper before 4.3.15 does not properly detect and filter ZIP 6.0 encoded files, which allows remote attackers to bypass intended policy.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clearswift | mailsweeper | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09D10925-2F78-40C9-9B32-08C689D6412D",
"versionEndIncluding": "4.3.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Clearswift MAILsweeper before 4.3.15 does not properly detect and filter ZIP 6.0 encoded files, which allows remote attackers to bypass intended policy."
},
{
"lang": "es",
"value": "Cleanswift MAILsweeper anteriores a 4.3.15 no detectan y filtran de manera adecuada ficheros codificados ZIP 6.0, lo que permite a atacantes remotos saltarse la pol\u00edtica pretendida."
}
],
"id": "CVE-2003-0929",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-09-28T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109241692108678\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.corsaire.com/advisories/c030807-001.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109241692108678\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.corsaire.com/advisories/c030807-001.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-10-20 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use whitespace in an unusual fashion, which may be interpreted differently by mail clients.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clearswift | mailsweeper | 4.3.7 | |
| clearswift | mailsweeper | 4.3.8 | |
| clearswift | mailsweeper | 4.3.10 | |
| clearswift | mailsweeper | 4.3.11 | |
| clearswift | mailsweeper | 4.3.13 | |
| clearswift | mailsweeper | 4.3.14 | |
| clearswift | mailsweeper | 4.3.15 | |
| f-secure | internet_gatekeeper | 6.3 | |
| f-secure | internet_gatekeeper | 6.4 | |
| f-secure | internet_gatekeeper | 6.31 | |
| f-secure | internet_gatekeeper | 6.32 | |
| paul_l_daniels | ripmime | 1.2.0 | |
| paul_l_daniels | ripmime | 1.2.1 | |
| paul_l_daniels | ripmime | 1.2.2 | |
| paul_l_daniels | ripmime | 1.2.3 | |
| paul_l_daniels | ripmime | 1.2.4 | |
| paul_l_daniels | ripmime | 1.2.5 | |
| paul_l_daniels | ripmime | 1.2.6 | |
| paul_l_daniels | ripmime | 1.2.7 | |
| paul_l_daniels | ripmime | 1.3.2.0 | |
| paul_l_daniels | ripmime | 1.3.2.2 | |
| paul_l_daniels | ripmime | 1.3.2.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CA12B965-672C-444D-9774-0F76FE47EA29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C9B32C-5EC9-46BD-AA77-F414A143576C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "823C27EB-C00F-4A7E-B832-013A50A1EE2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BD217379-28E7-465E-843D-E7204EE0E89F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "EB96CB8A-59F3-4624-B2BA-687ECF929B79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "04A02C12-547E-4086-A409-53AA68F1A4D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.15:*:*:*:*:*:*:*",
"matchCriteriaId": "8185FBF2-D678-4D90-A5AC-F9B06DFED95F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4F4EC2BB-A979-4C37-B8BB-086DAEEB4A6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CD53E1BC-6A92-4D7C-BE1F-FEF88F78DBD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*",
"matchCriteriaId": "AC782BFC-6BA0-4823-8A6D-F7D83F55393C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B09025-47B9-4F77-9DA6-80885E9A4EC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E021143-608B-44A2-84FB-8F8AC00A9985",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A9BB1C1-2CB2-426D-A8CE-AF5CB0B98674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC4686E-B92F-47ED-90DA-42AF650521D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "80EF73F0-1FE1-4041-9C07-A89D153DA41F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EF45C4F8-A20C-4D7D-B203-AF36FB046C63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "75222D1B-1384-4C74-A54F-BC028C5CDB69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A5129FD4-C011-4EA9-B8A1-256E95494FE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8F33D78C-9CD1-49A6-A43E-D0187600C033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6D3CF1D-64E1-47DB-8767-EF8DBF4E17AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9E725208-BA0C-41D9-BC45-84577A94AAA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A43C3DCC-3298-4D4D-9485-4A3BECB615E9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use whitespace in an unusual fashion, which may be interpreted differently by mail clients."
},
{
"lang": "es",
"value": "M\u00faltiples productos de pasarelas de seguridad de contenidos y antivirus pueden permitir a atacantes remotos saltarse restricciones de contenido mediante mensajes MIME que usan espacios en blanco de manera inusual, lo que puede ser interpretado diferentemente por clientes de correo."
}
],
"id": "CVE-2003-1015",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-10-20T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109525252118936\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9273"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109525252118936\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9273"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2004-0051 (GCVE-0-2004-0051)
Vulnerability from cvelistv5
Published
2004-09-24 04:00
Modified
2024-08-08 00:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard but frequently supported Content-Transfer-Encoding values such as (1) uuencode, (2) mac-binhex40, and (3) yenc, which may be interpreted differently by mail clients.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:01:23.610Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20040914 Corsaire Security Advisory - Multiple vendor MIME Content-Transfer-Encoding mechanism issue",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109517788100063\u0026w=2"
},
{
"name": "mime-contenttransfer-filter-bypass(17337)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17337"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard but frequently supported Content-Transfer-Encoding values such as (1) uuencode, (2) mac-binhex40, and (3) yenc, which may be interpreted differently by mail clients."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20040914 Corsaire Security Advisory - Multiple vendor MIME Content-Transfer-Encoding mechanism issue",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109517788100063\u0026w=2"
},
{
"name": "mime-contenttransfer-filter-bypass(17337)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17337"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0051",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard but frequently supported Content-Transfer-Encoding values such as (1) uuencode, (2) mac-binhex40, and (3) yenc, which may be interpreted differently by mail clients."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20040914 Corsaire Security Advisory - Multiple vendor MIME Content-Transfer-Encoding mechanism issue",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=109517788100063\u0026w=2"
},
{
"name": "mime-contenttransfer-filter-bypass(17337)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17337"
},
{
"name": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm",
"refsource": "MISC",
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0051",
"datePublished": "2004-09-24T04:00:00",
"dateReserved": "2004-01-14T00:00:00",
"dateUpdated": "2024-08-08T00:01:23.610Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-1154 (GCVE-0-2003-1154)
Vulnerability from cvelistv5
Published
2005-05-10 04:00
Modified
2024-08-08 02:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
MAILsweeper for SMTP 4.3 allows remote attackers to bypass virus protection via a mail message with a malformed zip attachment, as exploited by certain MIMAIL virus variants.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:19:45.811Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "8982",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/8982"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.computerworld.co.nz/cw.nsf/0/BF9E8E6E2D313E5FCC256DD70016473F?OpenDocument\u0026More="
},
{
"name": "mailsweeper-zip-virus-bypass(13611)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13611"
},
{
"name": "10148",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10148"
},
{
"name": "2772",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/2772"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-11-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "MAILsweeper for SMTP 4.3 allows remote attackers to bypass virus protection via a mail message with a malformed zip attachment, as exploited by certain MIMAIL virus variants."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "8982",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/8982"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.computerworld.co.nz/cw.nsf/0/BF9E8E6E2D313E5FCC256DD70016473F?OpenDocument\u0026More="
},
{
"name": "mailsweeper-zip-virus-bypass(13611)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13611"
},
{
"name": "10148",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10148"
},
{
"name": "2772",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/2772"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1154",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "MAILsweeper for SMTP 4.3 allows remote attackers to bypass virus protection via a mail message with a malformed zip attachment, as exploited by certain MIMAIL virus variants."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "8982",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8982"
},
{
"name": "http://www.computerworld.co.nz/cw.nsf/0/BF9E8E6E2D313E5FCC256DD70016473F?OpenDocument\u0026More=",
"refsource": "MISC",
"url": "http://www.computerworld.co.nz/cw.nsf/0/BF9E8E6E2D313E5FCC256DD70016473F?OpenDocument\u0026More="
},
{
"name": "mailsweeper-zip-virus-bypass(13611)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13611"
},
{
"name": "10148",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10148"
},
{
"name": "2772",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/2772"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1154",
"datePublished": "2005-05-10T04:00:00",
"dateReserved": "2005-05-04T00:00:00",
"dateUpdated": "2024-08-08T02:19:45.811Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-1015 (GCVE-0-2003-1015)
Vulnerability from cvelistv5
Published
2004-09-24 04:00
Modified
2024-08-08 02:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use whitespace in an unusual fashion, which may be interpreted differently by mail clients.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:12:35.561Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20040914 Corsaire Security Advisory - Multiple vendor MIME field whitespace issue",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109525252118936\u0026w=2"
},
{
"name": "mime-tools-incorrect-concatenation(9273)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9273"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use whitespace in an unusual fashion, which may be interpreted differently by mail clients."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20040914 Corsaire Security Advisory - Multiple vendor MIME field whitespace issue",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109525252118936\u0026w=2"
},
{
"name": "mime-tools-incorrect-concatenation(9273)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9273"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1015",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use whitespace in an unusual fashion, which may be interpreted differently by mail clients."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20040914 Corsaire Security Advisory - Multiple vendor MIME field whitespace issue",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=109525252118936\u0026w=2"
},
{
"name": "mime-tools-incorrect-concatenation(9273)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9273"
},
{
"name": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm",
"refsource": "MISC",
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1015",
"datePublished": "2004-09-24T04:00:00",
"dateReserved": "2003-12-17T00:00:00",
"dateUpdated": "2024-08-08T02:12:35.561Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0234 (GCVE-0-2004-0234)
Vulnerability from cvelistv5
Published
2004-05-05 04:00
Modified
2024-08-08 00:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:10:03.930Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1015866",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015866"
},
{
"name": "CLA-2004:840",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
},
{
"name": "5753",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/5753"
},
{
"name": "oval:org.mitre.oval:def:977",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A977"
},
{
"name": "FEDORA-2004-119",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
},
{
"name": "20060403 Barracuda LHA archiver security bug leads to remote compromise",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2006-04/0059.html"
},
{
"name": "10243",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10243"
},
{
"name": "ADV-2006-1220",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1220"
},
{
"name": "20040501 LHa buffer overflows and directory traversal problems",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
},
{
"name": "19514",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19514"
},
{
"name": "5754",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/5754"
},
{
"name": "RHSA-2004:179",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.guay-leroux.com/projects/barracuda-advisory-LHA.txt"
},
{
"name": "FLSA:1833",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
},
{
"name": "DSA-515",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-515"
},
{
"name": "oval:org.mitre.oval:def:9881",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9881"
},
{
"name": "20040510 [Ulf Harnhammar]: LHA Advisory + Patch",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
},
{
"name": "GLSA-200405-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
},
{
"name": "RHSA-2004:178",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
},
{
"name": "lha-multiple-bo(16012)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16012"
},
{
"name": "20040502 Lha local stack overflow Proof Of Concept Code",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020778.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-04-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1015866",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015866"
},
{
"name": "CLA-2004:840",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
},
{
"name": "5753",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/5753"
},
{
"name": "oval:org.mitre.oval:def:977",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A977"
},
{
"name": "FEDORA-2004-119",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
},
{
"name": "20060403 Barracuda LHA archiver security bug leads to remote compromise",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2006-04/0059.html"
},
{
"name": "10243",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10243"
},
{
"name": "ADV-2006-1220",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1220"
},
{
"name": "20040501 LHa buffer overflows and directory traversal problems",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
},
{
"name": "19514",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19514"
},
{
"name": "5754",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/5754"
},
{
"name": "RHSA-2004:179",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.guay-leroux.com/projects/barracuda-advisory-LHA.txt"
},
{
"name": "FLSA:1833",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
},
{
"name": "DSA-515",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-515"
},
{
"name": "oval:org.mitre.oval:def:9881",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9881"
},
{
"name": "20040510 [Ulf Harnhammar]: LHA Advisory + Patch",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
},
{
"name": "GLSA-200405-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
},
{
"name": "RHSA-2004:178",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
},
{
"name": "lha-multiple-bo(16012)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16012"
},
{
"name": "20040502 Lha local stack overflow Proof Of Concept Code",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020778.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0234",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1015866",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015866"
},
{
"name": "CLA-2004:840",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
},
{
"name": "5753",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/5753"
},
{
"name": "oval:org.mitre.oval:def:977",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A977"
},
{
"name": "FEDORA-2004-119",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
},
{
"name": "20060403 Barracuda LHA archiver security bug leads to remote compromise",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2006-04/0059.html"
},
{
"name": "10243",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10243"
},
{
"name": "ADV-2006-1220",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1220"
},
{
"name": "20040501 LHa buffer overflows and directory traversal problems",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
},
{
"name": "19514",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19514"
},
{
"name": "5754",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/5754"
},
{
"name": "RHSA-2004:179",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
},
{
"name": "http://www.guay-leroux.com/projects/barracuda-advisory-LHA.txt",
"refsource": "MISC",
"url": "http://www.guay-leroux.com/projects/barracuda-advisory-LHA.txt"
},
{
"name": "FLSA:1833",
"refsource": "FEDORA",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
},
{
"name": "DSA-515",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-515"
},
{
"name": "oval:org.mitre.oval:def:9881",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9881"
},
{
"name": "20040510 [Ulf Harnhammar]: LHA Advisory + Patch",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
},
{
"name": "GLSA-200405-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
},
{
"name": "RHSA-2004:178",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
},
{
"name": "lha-multiple-bo(16012)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16012"
},
{
"name": "20040502 Lha local stack overflow Proof Of Concept Code",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020778.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0234",
"datePublished": "2004-05-05T04:00:00",
"dateReserved": "2004-03-17T00:00:00",
"dateUpdated": "2024-08-08T00:10:03.930Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0930 (GCVE-0-2003-0930)
Vulnerability from cvelistv5
Published
2004-08-18 04:00
Modified
2024-08-08 02:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Clearswift MAILsweeper before 4.3.15 does not properly detect filenames in BinHex (HQX) encoded files, which allows remote attackers to bypass intended policy.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:12:34.428Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.corsaire.com/advisories/c030807-001.txt"
},
{
"name": "20040813 Corsaire Security Advisory - Clearswift MAILsweeper multiple encoding/compression issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109241692108678\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-08-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Clearswift MAILsweeper before 4.3.15 does not properly detect filenames in BinHex (HQX) encoded files, which allows remote attackers to bypass intended policy."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.corsaire.com/advisories/c030807-001.txt"
},
{
"name": "20040813 Corsaire Security Advisory - Clearswift MAILsweeper multiple encoding/compression issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109241692108678\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0930",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Clearswift MAILsweeper before 4.3.15 does not properly detect filenames in BinHex (HQX) encoded files, which allows remote attackers to bypass intended policy."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.corsaire.com/advisories/c030807-001.txt",
"refsource": "MISC",
"url": "http://www.corsaire.com/advisories/c030807-001.txt"
},
{
"name": "20040813 Corsaire Security Advisory - Clearswift MAILsweeper multiple encoding/compression issues",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=109241692108678\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0930",
"datePublished": "2004-08-18T04:00:00",
"dateReserved": "2003-11-05T00:00:00",
"dateUpdated": "2024-08-08T02:12:34.428Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-2328 (GCVE-0-2004-2328)
Vulnerability from cvelistv5
Published
2005-08-16 04:00
Modified
2024-08-08 01:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Clearswift MAILsweeper for SMTP before 4.3_13 allows remote attackers to cause a denial of service (infinite loop) via an e-mail with a crafted RAR archive attached.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:22:13.583Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "10732",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://www.secunia.com/advisories/10732/"
},
{
"name": "3742",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/3742"
},
{
"name": "mailsweeper-smtp-rar-dos(14979)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14979"
},
{
"name": "9556",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9556"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-01-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Clearswift MAILsweeper for SMTP before 4.3_13 allows remote attackers to cause a denial of service (infinite loop) via an e-mail with a crafted RAR archive attached."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "10732",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://www.secunia.com/advisories/10732/"
},
{
"name": "3742",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/3742"
},
{
"name": "mailsweeper-smtp-rar-dos(14979)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14979"
},
{
"name": "9556",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9556"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2328",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Clearswift MAILsweeper for SMTP before 4.3_13 allows remote attackers to cause a denial of service (infinite loop) via an e-mail with a crafted RAR archive attached."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "10732",
"refsource": "SECUNIA",
"url": "http://www.secunia.com/advisories/10732/"
},
{
"name": "3742",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3742"
},
{
"name": "mailsweeper-smtp-rar-dos(14979)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14979"
},
{
"name": "9556",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9556"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2328",
"datePublished": "2005-08-16T04:00:00",
"dateReserved": "2005-08-16T00:00:00",
"dateUpdated": "2024-08-08T01:22:13.583Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0161 (GCVE-0-2004-0161)
Vulnerability from cvelistv5
Published
2004-09-24 04:00
Modified
2024-08-08 00:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use RFC2231 encoding, which may be interpreted differently by mail clients.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:10:03.382Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20040914 Corsaire Security Advisory - Multiple vendor MIME RFC2231 encoding issue",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109524928232568\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
},
{
"name": "mime-tools-parameter-encoding(9274)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9274"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use RFC2231 encoding, which may be interpreted differently by mail clients."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20040914 Corsaire Security Advisory - Multiple vendor MIME RFC2231 encoding issue",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109524928232568\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
},
{
"name": "mime-tools-parameter-encoding(9274)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9274"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0161",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use RFC2231 encoding, which may be interpreted differently by mail clients."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20040914 Corsaire Security Advisory - Multiple vendor MIME RFC2231 encoding issue",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=109524928232568\u0026w=2"
},
{
"name": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm",
"refsource": "MISC",
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
},
{
"name": "mime-tools-parameter-encoding(9274)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9274"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0161",
"datePublished": "2004-09-24T04:00:00",
"dateReserved": "2004-02-18T00:00:00",
"dateUpdated": "2024-08-08T00:10:03.382Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0235 (GCVE-0-2004-0235)
Vulnerability from cvelistv5
Published
2004-05-05 04:00
Modified
2024-08-08 00:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path").
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:10:03.724Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CLA-2004:840",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
},
{
"name": "FEDORA-2004-119",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
},
{
"name": "10243",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10243"
},
{
"name": "20040501 LHa buffer overflows and directory traversal problems",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
},
{
"name": "lha-directory-traversal(16013)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16013"
},
{
"name": "RHSA-2004:179",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
},
{
"name": "FLSA:1833",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
},
{
"name": "DSA-515",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-515"
},
{
"name": "20040510 [Ulf Harnhammar]: LHA Advisory + Patch",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
},
{
"name": "GLSA-200405-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
},
{
"name": "RHSA-2004:178",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
},
{
"name": "oval:org.mitre.oval:def:978",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A978"
},
{
"name": "oval:org.mitre.oval:def:10409",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10409"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-04-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes (\"//absolute/path\")."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CLA-2004:840",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
},
{
"name": "FEDORA-2004-119",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
},
{
"name": "10243",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10243"
},
{
"name": "20040501 LHa buffer overflows and directory traversal problems",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
},
{
"name": "lha-directory-traversal(16013)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16013"
},
{
"name": "RHSA-2004:179",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
},
{
"name": "FLSA:1833",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
},
{
"name": "DSA-515",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-515"
},
{
"name": "20040510 [Ulf Harnhammar]: LHA Advisory + Patch",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
},
{
"name": "GLSA-200405-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
},
{
"name": "RHSA-2004:178",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
},
{
"name": "oval:org.mitre.oval:def:978",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A978"
},
{
"name": "oval:org.mitre.oval:def:10409",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10409"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0235",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes (\"//absolute/path\")."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CLA-2004:840",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
},
{
"name": "FEDORA-2004-119",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
},
{
"name": "10243",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10243"
},
{
"name": "20040501 LHa buffer overflows and directory traversal problems",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
},
{
"name": "lha-directory-traversal(16013)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16013"
},
{
"name": "RHSA-2004:179",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
},
{
"name": "FLSA:1833",
"refsource": "FEDORA",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
},
{
"name": "DSA-515",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-515"
},
{
"name": "20040510 [Ulf Harnhammar]: LHA Advisory + Patch",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
},
{
"name": "GLSA-200405-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
},
{
"name": "RHSA-2004:178",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
},
{
"name": "oval:org.mitre.oval:def:978",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A978"
},
{
"name": "oval:org.mitre.oval:def:10409",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10409"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0235",
"datePublished": "2004-05-05T04:00:00",
"dateReserved": "2004-03-17T00:00:00",
"dateUpdated": "2024-08-08T00:10:03.724Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0929 (GCVE-0-2003-0929)
Vulnerability from cvelistv5
Published
2004-08-18 04:00
Modified
2024-08-08 02:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Clearswift MAILsweeper before 4.3.15 does not properly detect and filter ZIP 6.0 encoded files, which allows remote attackers to bypass intended policy.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:12:34.360Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.corsaire.com/advisories/c030807-001.txt"
},
{
"name": "20040813 Corsaire Security Advisory - Clearswift MAILsweeper multiple encoding/compression issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109241692108678\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-08-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Clearswift MAILsweeper before 4.3.15 does not properly detect and filter ZIP 6.0 encoded files, which allows remote attackers to bypass intended policy."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.corsaire.com/advisories/c030807-001.txt"
},
{
"name": "20040813 Corsaire Security Advisory - Clearswift MAILsweeper multiple encoding/compression issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109241692108678\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0929",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Clearswift MAILsweeper before 4.3.15 does not properly detect and filter ZIP 6.0 encoded files, which allows remote attackers to bypass intended policy."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.corsaire.com/advisories/c030807-001.txt",
"refsource": "MISC",
"url": "http://www.corsaire.com/advisories/c030807-001.txt"
},
{
"name": "20040813 Corsaire Security Advisory - Clearswift MAILsweeper multiple encoding/compression issues",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=109241692108678\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0929",
"datePublished": "2004-08-18T04:00:00",
"dateReserved": "2003-11-05T00:00:00",
"dateUpdated": "2024-08-08T02:12:34.360Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0052 (GCVE-0-2004-0052)
Vulnerability from cvelistv5
Published
2004-09-24 04:00
Modified
2024-08-08 00:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard separator characters, or use standard separators incorrectly, within MIME headers, fields, parameters, or values, which may be interpreted differently by mail clients.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:01:23.618Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "mime-separator-filtering-bypass(17334)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17334"
},
{
"name": "20040914 Corsaire Security Advisory - Multiple vendor MIME separator issue",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109517669115891\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard separator characters, or use standard separators incorrectly, within MIME headers, fields, parameters, or values, which may be interpreted differently by mail clients."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "mime-separator-filtering-bypass(17334)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17334"
},
{
"name": "20040914 Corsaire Security Advisory - Multiple vendor MIME separator issue",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109517669115891\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0052",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard separator characters, or use standard separators incorrectly, within MIME headers, fields, parameters, or values, which may be interpreted differently by mail clients."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "mime-separator-filtering-bypass(17334)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17334"
},
{
"name": "20040914 Corsaire Security Advisory - Multiple vendor MIME separator issue",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=109517669115891\u0026w=2"
},
{
"name": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm",
"refsource": "MISC",
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0052",
"datePublished": "2004-09-24T04:00:00",
"dateReserved": "2004-01-14T00:00:00",
"dateUpdated": "2024-08-08T00:01:23.618Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0121 (GCVE-0-2003-0121)
Vulnerability from cvelistv5
Published
2003-03-13 05:00
Modified
2024-08-08 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Clearswift MAILsweeper 4.x allows remote attackers to bypass attachment detection via an attachment that does not specify a MIME-Version header field, which is processed by some mail clients.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:43:36.003Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20030307 Corsaire Security Advisory - Clearswift MAILsweeper MIME attachment evasion issue",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104716030503607\u0026w=2"
},
{
"name": "20030326 RE: Corsaire Security Advisory - Clearswift MAILsweeper MIME attachment evasion issue",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/316311"
},
{
"name": "7044",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7044"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-03-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Clearswift MAILsweeper 4.x allows remote attackers to bypass attachment detection via an attachment that does not specify a MIME-Version header field, which is processed by some mail clients."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20030307 Corsaire Security Advisory - Clearswift MAILsweeper MIME attachment evasion issue",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104716030503607\u0026w=2"
},
{
"name": "20030326 RE: Corsaire Security Advisory - Clearswift MAILsweeper MIME attachment evasion issue",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/316311"
},
{
"name": "7044",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7044"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0121",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Clearswift MAILsweeper 4.x allows remote attackers to bypass attachment detection via an attachment that does not specify a MIME-Version header field, which is processed by some mail clients."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030307 Corsaire Security Advisory - Clearswift MAILsweeper MIME attachment evasion issue",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104716030503607\u0026w=2"
},
{
"name": "20030326 RE: Corsaire Security Advisory - Clearswift MAILsweeper MIME attachment evasion issue",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/316311"
},
{
"name": "7044",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7044"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0121",
"datePublished": "2003-03-13T05:00:00",
"dateReserved": "2003-03-03T00:00:00",
"dateUpdated": "2024-08-08T01:43:36.003Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0928 (GCVE-0-2003-0928)
Vulnerability from cvelistv5
Published
2004-08-18 04:00
Modified
2024-08-08 02:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Clearswift MAILsweeper before 4.3.15 does not properly detect and filter RAR 3.20 encoded files, which allows remote attackers to bypass intended policy.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:12:34.298Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.corsaire.com/advisories/c030807-001.txt"
},
{
"name": "20040813 Corsaire Security Advisory - Clearswift MAILsweeper multiple encoding/compression issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109241692108678\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-08-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Clearswift MAILsweeper before 4.3.15 does not properly detect and filter RAR 3.20 encoded files, which allows remote attackers to bypass intended policy."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.corsaire.com/advisories/c030807-001.txt"
},
{
"name": "20040813 Corsaire Security Advisory - Clearswift MAILsweeper multiple encoding/compression issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109241692108678\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0928",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Clearswift MAILsweeper before 4.3.15 does not properly detect and filter RAR 3.20 encoded files, which allows remote attackers to bypass intended policy."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.corsaire.com/advisories/c030807-001.txt",
"refsource": "MISC",
"url": "http://www.corsaire.com/advisories/c030807-001.txt"
},
{
"name": "20040813 Corsaire Security Advisory - Clearswift MAILsweeper multiple encoding/compression issues",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=109241692108678\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0928",
"datePublished": "2004-08-18T04:00:00",
"dateReserved": "2003-11-05T00:00:00",
"dateUpdated": "2024-08-08T02:12:34.298Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0053 (GCVE-0-2004-0053)
Vulnerability from cvelistv5
Published
2004-09-24 04:00
Modified
2024-08-08 00:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use fields that use RFC2047 encoding, which may be interpreted differently by mail clients.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:01:23.649Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
},
{
"name": "mime-rfc2047-filtering-bypass(17331)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17331"
},
{
"name": "20040914 Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109520704408739\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use fields that use RFC2047 encoding, which may be interpreted differently by mail clients."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
},
{
"name": "mime-rfc2047-filtering-bypass(17331)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17331"
},
{
"name": "20040914 Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109520704408739\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0053",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use fields that use RFC2047 encoding, which may be interpreted differently by mail clients."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm",
"refsource": "MISC",
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
},
{
"name": "mime-rfc2047-filtering-bypass(17331)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17331"
},
{
"name": "20040914 Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=109520704408739\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0053",
"datePublished": "2004-09-24T04:00:00",
"dateReserved": "2004-01-14T00:00:00",
"dateUpdated": "2024-08-08T00:01:23.649Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-1016 (GCVE-0-2003-1016)
Vulnerability from cvelistv5
Published
2004-09-24 04:00
Modified
2024-08-08 02:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use malformed quoting in MIME headers, parameters, and values, including (1) fields that should not be quoted, (2) duplicate quotes, or (3) missing leading or trailing quote characters, which may be interpreted differently by mail clients.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:12:35.543Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "mime-quote-filtering-bypass(17336)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17336"
},
{
"name": "20040914 Corsaire Security Advisory - Multiple vendor MIME field quoting issue",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109521027007616\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use malformed quoting in MIME headers, parameters, and values, including (1) fields that should not be quoted, (2) duplicate quotes, or (3) missing leading or trailing quote characters, which may be interpreted differently by mail clients."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "mime-quote-filtering-bypass(17336)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17336"
},
{
"name": "20040914 Corsaire Security Advisory - Multiple vendor MIME field quoting issue",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109521027007616\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1016",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use malformed quoting in MIME headers, parameters, and values, including (1) fields that should not be quoted, (2) duplicate quotes, or (3) missing leading or trailing quote characters, which may be interpreted differently by mail clients."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "mime-quote-filtering-bypass(17336)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17336"
},
{
"name": "20040914 Corsaire Security Advisory - Multiple vendor MIME field quoting issue",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=109521027007616\u0026w=2"
},
{
"name": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm",
"refsource": "MISC",
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1016",
"datePublished": "2004-09-24T04:00:00",
"dateReserved": "2003-12-17T00:00:00",
"dateUpdated": "2024-08-08T02:12:35.543Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-1485 (GCVE-0-2003-1485)
Vulnerability from cvelistv5
Published
2007-10-24 23:00
Modified
2024-09-17 02:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Clearswift MAILsweeper 4.0 through 4.3.7 allows remote attackers to bypass filtering via a file attachment that contains "multiple extensions combined with large blocks of white space."
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:28:03.650Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.clearswift.com/download/bin/Patches/ReadMe_SMTP_438.htm"
},
{
"name": "7568",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7568"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Clearswift MAILsweeper 4.0 through 4.3.7 allows remote attackers to bypass filtering via a file attachment that contains \"multiple extensions combined with large blocks of white space.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-10-24T23:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.clearswift.com/download/bin/Patches/ReadMe_SMTP_438.htm"
},
{
"name": "7568",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7568"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1485",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Clearswift MAILsweeper 4.0 through 4.3.7 allows remote attackers to bypass filtering via a file attachment that contains \"multiple extensions combined with large blocks of white space.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.clearswift.com/download/bin/Patches/ReadMe_SMTP_438.htm",
"refsource": "CONFIRM",
"url": "http://www.clearswift.com/download/bin/Patches/ReadMe_SMTP_438.htm"
},
{
"name": "7568",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7568"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1485",
"datePublished": "2007-10-24T23:00:00Z",
"dateReserved": "2007-10-24T00:00:00Z",
"dateUpdated": "2024-09-17T02:31:17.129Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0162 (GCVE-0-2004-0162)
Vulnerability from cvelistv5
Published
2004-09-24 04:00
Modified
2024-08-08 00:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME encapsulation that uses RFC822 comment fields, which may be interpreted as other fields by mail clients.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:10:03.544Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20040914 Corsaire Security Advisory - Multiple vendor MIME RFC822 comment issue",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109517563513776\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
},
{
"name": "mime-rfc822-filtering-bypass(17332)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17332"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME encapsulation that uses RFC822 comment fields, which may be interpreted as other fields by mail clients."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20040914 Corsaire Security Advisory - Multiple vendor MIME RFC822 comment issue",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109517563513776\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
},
{
"name": "mime-rfc822-filtering-bypass(17332)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17332"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0162",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME encapsulation that uses RFC822 comment fields, which may be interpreted as other fields by mail clients."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20040914 Corsaire Security Advisory - Multiple vendor MIME RFC822 comment issue",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=109517563513776\u0026w=2"
},
{
"name": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm",
"refsource": "MISC",
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
},
{
"name": "mime-rfc822-filtering-bypass(17332)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17332"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0162",
"datePublished": "2004-09-24T04:00:00",
"dateReserved": "2004-02-18T00:00:00",
"dateUpdated": "2024-08-08T00:10:03.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-1014 (GCVE-0-2003-1014)
Vulnerability from cvelistv5
Published
2004-09-24 04:00
Modified
2024-08-08 02:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use multiple MIME fields with the same name, which may be interpreted differently by mail clients.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:12:35.312Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20040914 Corsaire Security Advisory - Multiple vendor MIME field multiple occurrence issue",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109517732328759\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
},
{
"name": "mime-field-filtering-bypass(17333)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17333"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use multiple MIME fields with the same name, which may be interpreted differently by mail clients."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20040914 Corsaire Security Advisory - Multiple vendor MIME field multiple occurrence issue",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109517732328759\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
},
{
"name": "mime-field-filtering-bypass(17333)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17333"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1014",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use multiple MIME fields with the same name, which may be interpreted differently by mail clients."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20040914 Corsaire Security Advisory - Multiple vendor MIME field multiple occurrence issue",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=109517732328759\u0026w=2"
},
{
"name": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm",
"refsource": "MISC",
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
},
{
"name": "mime-field-filtering-bypass(17333)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17333"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1014",
"datePublished": "2004-09-24T04:00:00",
"dateReserved": "2003-12-17T00:00:00",
"dateUpdated": "2024-08-08T02:12:35.312Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}