Lucene search
+L

4966 matches found

osv
osv
added 2003/04/22 12:0 a.m.30 views

DSA-292 mime-support - insecure temporary file creation

Bulletin has no description...

4.6CVSS6.2AI score0.00321EPSS
Exploits0
nvd
nvd
added 2003/03/24 5:0 a.m.18 views

CVE-2003-0130

The handleimage function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier does not properly escape HTML characters, which allows remote attackers to inject arbitrary data and HTML via a MIME Content-ID header in a MIME-encoded image...

5CVSS6.5AI score0.10335EPSS
Exploits1References9
osv
osv
added 2003/03/24 5:0 a.m.8 views

CVE-2003-0130

The handleimage function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier does not properly escape HTML characters, which allows remote attackers to inject arbitrary data and HTML via a MIME Content-ID header in a MIME-encoded image...

6.7AI score
Exploits0References12
cvelist
cvelist
added 2003/03/21 5:0 a.m.25 views

CVE-2003-0130

The handleimage function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier does not properly escape HTML characters, which allows remote attackers to inject arbitrary data and HTML via a MIME Content-ID header in a MIME-encoded image...

6.5AI score0.10335EPSS
Exploits1References9
exploitpack
exploitpack
added 2003/03/19 12:0 a.m.18 views

Ximian Evolution 1.x - MIME image* Content-Type Data Inclusion

Ximian Evolution 1.x - MIME image Content-Type Data Inclusion source: https://www.securityfocus.com/bid/7119/info Ximian Evolution does not properly validate MIME image/ Content-Type fields. If an email message contains an image/ Content-Type, any type of data can be embedded where the image...

0.4AI score
Exploits0
exploitdb
exploitdb
added 2003/03/19 12:0 a.m.30 views

Ximian Evolution 1.x - MIME image/* Content-Type Data Inclusion

source: https://www.securityfocus.com/bid/7119/info Ximian Evolution does not properly validate MIME image/ Content-Type fields. If an email message contains an image/ Content-Type, any type of data can be embedded where the image information is expected. This can be used to embed HTML tags that...

7.4AI score
Exploits0
nvd
nvd
added 2003/03/18 5:0 a.m.16 views

CVE-2003-0121

Clearswift MAILsweeper 4.x allows remote attackers to bypass attachment detection via an attachment that does not specify a MIME-Version header field, which is processed by some mail clients...

7.5CVSS6.7AI score0.03071EPSS
Exploits0References3
securityvulns
securityvulns
added 2003/03/12 12:0 a.m.32 views

Re: Corsaire Security Advisory - Clearswift MAILsweeper MIME attachme nt evasion issue

!-- Step 2: Now create a text file that will be used to hold the MIME encoded attachment. Start notepad or another text editor, and paste in: MIME-Version: 1.0 Content-Location:file:///executable.exe Content-Transfer-Encoding: base64 TVp0AQIAAAAgAAgA//8YAIAAAAAQAAIAHgAAAAEAAAAAA...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2003/03/12 12:0 a.m.42 views

Clearswift MAILsweeper protection bypass

If MIME-Version header is missed or binary encoding is used attachments are not recognized...

2.4AI score
Exploits0References2Affected Software1
securityvulns
securityvulns
added 2003/03/11 12:0 a.m.29 views

.MHT Buffer Overflow in Internet Explorer

CANON SYSTEM SOLUTIONS INC. Security Alert VULNERABILITY:.MHT Buffer Overflow in Internet Explorer DATE FOUND:March 2, 2003 Severity:High Riskcode can be executed remotely ========================================================================== ==== SUMMARY: IE5 introduced the new 'Web Archive'...

7.3AI score
Exploits0
securityvulns
securityvulns
added 2003/03/09 12:0 a.m.39 views

Corsaire Security Advisory - Clearswift MAILsweeper MIME attachme nt evasion issue

-- Corsaire Security Advisory -- Title: Clearswift MAILsweeper MIME attachment evasion issue Date: 03.03.03 Application: Clearswift MAILsweeper 4.x Environment: Windows NT 4.0, Windows 2000, Author: Martin O'Neal [email protected] Audience: General distribution -- Scope -- The aim of this...

7.5CVSS6AI score0.03071EPSS
Exploits0
exploitpack
exploitpack
added 2003/03/07 12:0 a.m.17 views

Clearswift MAILsweeper 4.x - MIME Attachment Filter Bypass

Clearswift MAILsweeper 4.x - MIME Attachment Filter Bypass source: https://www.securityfocus.com/bid/7044/info Clearswift MailSweeper does not properly process certain malformed MIME email message attachments. If the attachment does not contain a MIME-Version field, MailSweeper does not recognize...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2003/03/07 12:0 a.m.41 views

Clearswift MAILsweeper 4.x - MIME Attachment Filter Bypass

source: https://www.securityfocus.com/bid/7044/info Clearswift MailSweeper does not properly process certain malformed MIME email message attachments. If the attachment does not contain a MIME-Version field, MailSweeper does not recognize the attachment as being an executable type. MailSweeper...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2003/01/08 12:0 a.m.60 views

HSphere WebShell buffer overflow

Buffer overflow in MIME boundary...

2.6AI score
Exploits0References1Affected Software1
nvd
nvd
added 2002/12/31 5:0 a.m.19 views

CVE-2002-2325

The c-client library in Internet Message Access Protocol IMAP dated before 2002 RC2, as used by Pine 4.20 through 4.44, allows remote attackers to cause a denial of service client crash via a MIME-encoded email with Content-Type header containing an empty boundary field...

7.8CVSS6.6AI score0.03461EPSS
Exploits1References3
nvd
nvd
added 2002/12/31 5:0 a.m.18 views

CVE-2002-2034

The Email Sanitizer before 1.133 for Procmail allows remote attackers to bypass the mail filter and execute arbitrary code via crafted recursive multipart MIME attachments...

7.5CVSS7.7AI score0.02981EPSS
Exploits0References3
osv
osv
added 2002/12/31 5:0 a.m.8 views

DEBIAN-CVE-2002-1765

Evolution 1.0.3 and 1.0.4 allows remote attackers to cause a denial of service memory consumption and crash via an email with a malformed MIME header...

5CVSS6.8AI score0.01634EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2002/12/31 12:0 a.m.6 views

PT-2002-2497 · Symantec · Symantec Norton Antivirus

Name of the Vulnerable Software and Affected Versions: Symantec Norton AntiVirus NAV version 2002 Description: The issue allows remote attackers to bypass the initial virus scan and cause the software to prematurely stop scanning by using a non-RFC compliant MIME header. The vendor has disputed...

7.5CVSS7.1AI score0.02574EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2002/12/31 12:0 a.m.6 views

PT-2002-2496 · Symantec · Symantec Norton Antivirus

Name of the Vulnerable Software and Affected Versions: Symantec Norton AntiVirus version 2002 Description: The issue allows remote attackers to send viruses that bypass the e-mail scanning via a NULL character in the MIME header before the virus. However, the vendor has disputed this issue,...

7.5CVSS7AI score0.02574EPSS
Exploits0References8
osv
osv
added 2002/11/29 5:0 a.m.6 views

CVE-2002-1307

Cross-site scripting vulnerability XSS in MHonArc 2.5.12 and earlier allows remote attackers to insert script or HTML via an email message with the script in a MIME header name...

5.6AI score
Exploits0References6
Rows per page
Query Builder