Lucene search
HistoryJun 18, 2001 - 4:00 a.m.
CVE-2001-0398
bat! mail client
remote attackers
arbitrary commands
cve-2001-0398
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
64.8%
The BAT! mail client allows remote attackers to bypass user warnings of an executable attachment and execute arbitrary commands via an attachment whose file name contains many spaces, which also causes the BAT! to misrepresent the attachment’s type with a different icon.
Affected configurations
Node
ritlabsthe_batMatch1.0_build1336
ORritlabsthe_batMatch1.0_build1349
ORritlabsthe_batMatch1.1
ORritlabsthe_batMatch1.011
ORritlabsthe_batMatch1.14
ORritlabsthe_batMatch1.15
ORritlabsthe_batMatch1.015
ORritlabsthe_batMatch1.17
ORritlabsthe_batMatch1.18
ORritlabsthe_batMatch1.19
ORritlabsthe_batMatch1.21
ORritlabsthe_batMatch1.22
ORritlabsthe_batMatch1.028
ORritlabsthe_batMatch1.029
ORritlabsthe_batMatch1.31
ORritlabsthe_batMatch1.031
ORritlabsthe_batMatch1.32
ORritlabsthe_batMatch1.032
ORritlabsthe_batMatch1.33
ORritlabsthe_batMatch1.34
ORritlabsthe_batMatch1.035
ORritlabsthe_batMatch1.35
ORritlabsthe_batMatch1.036
ORritlabsthe_batMatch1.36
ORritlabsthe_batMatch1.037
ORritlabsthe_batMatch1.39
ORritlabsthe_batMatch1.039
ORritlabsthe_batMatch1.041
ORritlabsthe_batMatch1.41
ORritlabsthe_batMatch1.42
ORritlabsthe_batMatch1.42f
ORritlabsthe_batMatch1.043
ORritlabsthe_batMatch1.43
ORritlabsthe_batMatch1.44
ORritlabsthe_batMatch1.45
ORritlabsthe_batMatch1.46
ORritlabsthe_batMatch1.47
ORritlabsthe_batMatch1.48
ORritlabsthe_batMatch1.49
ORritlabsthe_batMatch1.101
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
64.8%
Related for CVE-2001-0398