Lucene search

[email protected]CVE-2003-1477

HistoryOct 24, 2007 - 11:00 p.m.

CVE-2003-1477

2007-10-2423:00:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2003-1477

denial of service

cpu consumption

powerpoint attachment

embedded objects

nvd

mailsweeper

smtp

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.8 Medium

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.7%

JSON

MAILsweeper for SMTP 4.3.6 and 4.3.7 allows remote attackers to cause a denial of service (CPU consumption) via a PowerPoint attachment that either (1) is corrupt or (2) contains “embedded objects.”

Affected configurations

NVD

Node

microsoftall_windows

AND

clearswiftmailsweeper_for_smtpMatch4.3.6

clearswiftmailsweeper_for_smtpMatch4.3.7

CPENameOperatorVersion
clearswift:mailsweeper_for_smtpclearswift mailsweeper for smtpeq4.3.6
clearswift:mailsweeper_for_smtpclearswift mailsweeper for smtpeq4.3.7

CPE	Name	Operator	Version
clearswift:mailsweeper_for_smtp	clearswift mailsweeper for smtp	eq	4.3.6
clearswift:mailsweeper_for_smtp	clearswift mailsweeper for smtp	eq	4.3.7

References

www.clearswift.com/download/bin/Patches/ReadMe_SMTP_438.htm

www.securityfocus.com/bid/7562

exchange.xforce.ibmcloud.com/vulnerabilities/12052

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.8 Medium

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.7%

JSON

Related for CVE-2003-1477

nvd1 cvelist1 nessus1