Lucene search

[email protected]CVE-2006-3523

HistoryJul 12, 2006 - 12:05 a.m.

CVE-2006-3523

2006-07-1200:05:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-3523

denial of service

clearswift mimesweeper

web policy engine

vulnerability

7 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.014 Low

EPSS

Percentile

86.1%

JSON

Clearswift MIMEsweeper for Web before 5.1.15 Hotfix allows remote attackers to cause a denial of service (crash) via an encrypted archived .RAR file, which triggers a scan error and causes the Web Policy Engine service to terminate.

CPENameOperatorVersion
clearswift:mimesweeper_for_webclearswift mimesweeper for weble5.1.14

CPE	Name	Operator	Version
clearswift:mimesweeper_for_web	clearswift mimesweeper for web	le	5.1.14

References

download.mimesweeper.com/www/TechnicalDocumentation/WebReadMeHotfix5115.htm

secunia.com/advisories/20998

www.vupen.com/english/advisories/2006/2731

exchange.xforce.ibmcloud.com/vulnerabilities/27643

7 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.014 Low

EPSS

Percentile

86.1%

JSON

Related for CVE-2006-3523

kaspersky1