Lucene search

[email protected]CVE-2003-0121

HistoryMar 18, 2003 - 5:00 a.m.

CVE-2003-0121

2003-03-1805:00:00

[email protected]

web.nvd.nist.gov

clearswift

mailsweeper

attachment detection

remote attackers

security vulnerability

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.7 Medium

AI Score

Confidence

Low

0.026 Low

EPSS

Percentile

90.3%

JSON

Clearswift MAILsweeper 4.x allows remote attackers to bypass attachment detection via an attachment that does not specify a MIME-Version header field, which is processed by some mail clients.

Affected configurations

NVD

Node

clearswiftmailsweeperMatch4.0

clearswiftmailsweeperMatch4.1

clearswiftmailsweeperMatch4.2

clearswiftmailsweeperMatch4.3

CPENameOperatorVersion
clearswift:mailsweeperclearswift mailsweepereq4.0
clearswift:mailsweeperclearswift mailsweepereq4.1
clearswift:mailsweeperclearswift mailsweepereq4.2
clearswift:mailsweeperclearswift mailsweepereq4.3

CPE	Name	Operator	Version
clearswift:mailsweeper	clearswift mailsweeper	eq	4.0
clearswift:mailsweeper	clearswift mailsweeper	eq	4.1
clearswift:mailsweeper	clearswift mailsweeper	eq	4.2
clearswift:mailsweeper	clearswift mailsweeper	eq	4.3

References

marc.info/?l=bugtraq&m=104716030503607&w=2

www.securityfocus.com/archive/1/316311

www.securityfocus.com/bid/7044

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.7 Medium

AI Score

Confidence

Low

0.026 Low

EPSS

Percentile

90.3%

JSON

Related for CVE-2003-0121

cvelist1 securityvulns1 nvd1