Lucene search

Mailscanner Security Vulnerabilities

cve

CVE-2010-3095

mailscanner before 4.79.11-2.1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files. NOTE: this issue exists because of an incomplete fix for...

4.7CVSS

4.7AI Score

0.0004EPSS

2019-11-12 09:15 PM

cve

CVE-2010-3292

The update{_bad,}_phishing_sites scripts in mailscanner 4.79.11-2 downloads files and trusts them without using encryption (e.g., https) or digital signature checking which could allow an attacker to replace certain configuration files (e.g., phishing whitelist) via dns/packet...

5.5CVSS

5.5AI Score

0.0004EPSS

2019-11-12 09:15 PM

cve

CVE-2010-3293

mailscanner can allow local users to prevent virus signatures from being...

5.5CVSS

5.4AI Score

0.0004EPSS

2019-10-28 03:15 PM

cve

CVE-2008-5313

mailscanner 4.68.8 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) clamav-autoupdate, (3) avast-autoupdate, and (4) f-prot-6-autoupdate scripts in...

4.5AI Score

0.0004EPSS

2008-12-03 05:30 PM

cve

CVE-2008-5312

mailscanner 4.55.10 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) clamav-autoupdate, (3) panda-autoupdate.new, (4) trend-autoupdate.new, and (5) rav-autoupdate.new...

6AI Score

0.0004EPSS

2008-12-03 05:30 PM

cve

CVE-2008-5140

trend-autoupdate.new in mailscanner 4.55.10 and other versions before 4.74.16-1 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/opr.ini.##### or (2) /tmp/lpt*.zip temporary...

6AI Score

0.0004EPSS

2008-11-18 04:00 PM

cve

CVE-2005-3470

SQL injection vulnerability in in the authenticate function in MailWatch for MailScanner 1.0.2 allows remote attackers to execute arbitrary SQL...

8.5AI Score

0.013EPSS

2005-11-02 11:02 PM

cve

CVE-2005-1706

Unknown vulnerability in MailScanner 4.41.3 and earlier, related to "incomplete reporting of viruses in zip files," allows remote attackers to bypass virus...

7.5AI Score

0.004EPSS

2005-05-24 04:00 AM

cve

CVE-2002-2228

MailScanner before 4.0 5-1 and before 3.2 6-1 allows remote attackers to bypass protection via attachments with a filename with (1) extra leading spaces, (2) extra trailing spaces, or (3) alternate character encodings that cannot be processed by...

7.6AI Score

0.003EPSS

2002-12-31 05:00 AM