header-logo
Suggest Exploit
vendor:
MailSweeper
by:
SecurityFocus
4.3
CVSS
MEDIUM
Malformed MIME Email Message Attachment Processing
20
CWE
Product Name: MailSweeper
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

Clearswift MailSweeper Malformed MIME Email Message Attachment Processing Vulnerability

Clearswift MailSweeper does not properly process certain malformed MIME email message attachments. If the attachment does not contain a MIME-Version field, MailSweeper does not recognize the attachment as being an executable type. MailSweeper allows such attachments through, even if it is set to filter executable type file attachments from incoming email messages.

Mitigation:

Users should ensure that their version of Clearswift MailSweeper is up to date.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/7044/info

Clearswift MailSweeper does not properly process certain malformed MIME email message attachments. If the attachment does not contain a MIME-Version field, MailSweeper does not recognize the attachment as being an executable type. MailSweeper allows such attachments through, even if it is set to filter executable type file attachments from incoming email messages.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/22338.zip

Navigation

Suggest Exploit

Services By CQR