Search...

CVE-2006-3523

2006-07-12T00:05:00

ID CVE-2006-3523
Type cve
Reporter cve@mitre.org
Modified 2017-07-20T01:32:00

Description

Clearswift MIMEsweeper for Web before 5.1.15 Hotfix allows remote attackers to cause a denial of service (crash) via an encrypted archived .RAR file, which triggers a scan error and causes the Web Policy Engine service to terminate.

JSON Vulners Source

Initial Source

{"id": "CVE-2006-3523", "bulletinFamily": "NVD", "title": "CVE-2006-3523", "description": "Clearswift MIMEsweeper for Web before 5.1.15 Hotfix allows remote attackers to cause a denial of service (crash) via an encrypted archived .RAR file, which triggers a scan error and causes the Web Policy Engine service to terminate.", "published": "2006-07-12T00:05:00", "modified": "2017-07-20T01:32:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-3523", "reporter": "cve@mitre.org", "references": ["http://www.vupen.com/english/advisories/2006/2731", "http://download.mimesweeper.com/www/TechnicalDocumentation/WebReadMeHotfix5115.htm", "https://exchange.xforce.ibmcloud.com/vulnerabilities/27643", "http://secunia.com/advisories/20998"], "cvelist": ["CVE-2006-3523"], "type": "cve", "lastseen": "2019-05-29T18:08:33", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "07f4c4c8a5e4d5a7f55d831f9f13b20c"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cpe23", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvelist", "hash": "6891d5ef8ea08afec14bfe08c9fb76dd"}, {"key": "cvss", "hash": "41b62a8aa1ee5c40897717cadc30784a"}, {"key": "cvss2", "hash": "85fc9715d07b57d9e72056856b007c7b"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "78a7a5cbaf09985c14389298e454e7db"}, {"key": "description", "hash": "d62b47fe3febcad0774e46ee6d408604"}, {"key": "href", "hash": "20d4620639efe7aafea72b63cb7d9549"}, {"key": "modified", "hash": "2eb3c7251ef3f05dc2da2096e368b34a"}, {"key": "published", "hash": "a5831357610dd3feab48e88d1411f7a5"}, {"key": "references", "hash": "523bd4552e40cd68072f888aa4d46304"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "63d7ffa9b6c50624e3de1c7f42415d1f"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "7004cb6282ba0e4bbcd97cdb81545b784831d50bb3462329aa3f07f534d6b8ec", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "kaspersky", "idList": ["KLA10251"]}, {"type": "osvdb", "idList": ["OSVDB:27116"]}], "modified": "2019-05-29T18:08:33"}, "score": {"value": 4.7, "vector": "NONE", "modified": "2019-05-29T18:08:33"}, "vulnersScore": 4.7}, "objectVersion": "1.3", "cpe": [], "affectedSoftware": [{"name": "clearswift mimesweeper_for_web", "operator": "le", "version": "5.1.14"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cpe23": [], "cwe": ["NVD-CWE-Other"]}

{"osvdb": [{"lastseen": "2017-04-28T13:20:23", "bulletinFamily": "software", "description": "## Solution Description\nUpgrade to version 5.1.15 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## References:\nVendor URL: http://www.clearswift.com/\nVendor Specific News/Changelog Entry: http://download.mimesweeper.com/www/TechnicalDocumentation/WebReadMeHotfix5115.htm\n[Secunia Advisory ID:20998](https://secuniaresearch.flexerasoftware.com/advisories/20998/)\n[Related OSVDB ID: 27115](https://vulners.com/osvdb/OSVDB:27115)\nFrSIRT Advisory: ADV-2006-2731\n[CVE-2006-3523](https://vulners.com/cve/CVE-2006-3523)\n", "modified": "2006-07-10T09:04:18", "published": "2006-07-10T09:04:18", "href": "https://vulners.com/osvdb/OSVDB:27116", "id": "OSVDB:27116", "title": "MIMEsweeper for Web Encrypted RAR Processing DoS", "type": "osvdb", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "kaspersky": [{"lastseen": "2019-03-21T00:14:27", "bulletinFamily": "info", "description": "### *Detect date*:\n07/11/2006\n\n### *Severity*:\nCritical\n\n### *Description*:\nAn unspecified vulnerability was found in Clearswift MIMEsweeper. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a specially designed RAR file.\n\n### *Affected products*:\nClearswift MIMEsweeper for Web versions 5.1.14 and earlier\n\n### *Solution*:\nUpdate to latest version\n\n### *Impacts*:\nDoS \n\n### *Related products*:\n[MIMEsweeper for Web](<https://threats.kaspersky.com/en/product/MIMEsweeper-for-Web/>)\n\n### *CVE-IDS*:\n[CVE-2006-3523](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3523>)5.0Critical", "modified": "2019-03-07T00:00:00", "published": "2006-07-11T00:00:00", "id": "KLA10251", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10251", "title": "\r KLA10251DoS vulnerability in Clearswift MIMEsweeper ", "type": "kaspersky", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}]}