Lucene search

[email protected]CVE-2004-0162

HistoryOct 20, 2004 - 4:00 a.m.

CVE-2004-0162

2004-10-2004:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2004-0162

content security gateway

antivirus

bypass

mime encapsulation

rfc822 comment fields

remote attack

7.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.4%

JSON

Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME encapsulation that uses RFC822 comment fields, which may be interpreted as other fields by mail clients.

CPENameOperatorVersion
paul_l_daniels:ripmimepaul l daniels ripmimeeq1.2.0
f-secure:internet_gatekeeperf-secure internet gatekeepereq6.32
f-secure:internet_gatekeeperf-secure internet gatekeepereq6.3
paul_l_daniels:ripmimepaul l daniels ripmimeeq1.2.2
paul_l_daniels:ripmimepaul l daniels ripmimeeq1.3.2.2
clearswift:mailsweeperclearswift mailsweepereq4.3.7
paul_l_daniels:ripmimepaul l daniels ripmimeeq1.2.3
paul_l_daniels:ripmimepaul l daniels ripmimeeq1.2.6
paul_l_daniels:ripmimepaul l daniels ripmimeeq1.3.2.3
clearswift:mailsweeperclearswift mailsweepereq4.3.15

CPE	Name	Operator	Version
paul_l_daniels:ripmime	paul l daniels ripmime	eq	1.2.0
f-secure:internet_gatekeeper	f-secure internet gatekeeper	eq	6.32
f-secure:internet_gatekeeper	f-secure internet gatekeeper	eq	6.3
paul_l_daniels:ripmime	paul l daniels ripmime	eq	1.2.2
paul_l_daniels:ripmime	paul l daniels ripmime	eq	1.3.2.2
clearswift:mailsweeper	clearswift mailsweeper	eq	4.3.7
paul_l_daniels:ripmime	paul l daniels ripmime	eq	1.2.3
paul_l_daniels:ripmime	paul l daniels ripmime	eq	1.2.6
paul_l_daniels:ripmime	paul l daniels ripmime	eq	1.3.2.3
clearswift:mailsweeper	clearswift mailsweeper	eq	4.3.15

Rows per page:

1-10 of 221

References

marc.info/?l=bugtraq&m=109517563513776&w=2

www.uniras.gov.uk/vuls/2004/380375/mime.htm

exchange.xforce.ibmcloud.com/vulnerabilities/17332

7.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.4%

JSON