4966 matches found
DSA-292 mime-support - insecure temporary file creation
Bulletin has no description...
CVE-2003-0130
The handleimage function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier does not properly escape HTML characters, which allows remote attackers to inject arbitrary data and HTML via a MIME Content-ID header in a MIME-encoded image...
CVE-2003-0130
The handleimage function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier does not properly escape HTML characters, which allows remote attackers to inject arbitrary data and HTML via a MIME Content-ID header in a MIME-encoded image...
CVE-2003-0130
The handleimage function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier does not properly escape HTML characters, which allows remote attackers to inject arbitrary data and HTML via a MIME Content-ID header in a MIME-encoded image...
Ximian Evolution 1.x - MIME image* Content-Type Data Inclusion
Ximian Evolution 1.x - MIME image Content-Type Data Inclusion source: https://www.securityfocus.com/bid/7119/info Ximian Evolution does not properly validate MIME image/ Content-Type fields. If an email message contains an image/ Content-Type, any type of data can be embedded where the image...
Ximian Evolution 1.x - MIME image/* Content-Type Data Inclusion
source: https://www.securityfocus.com/bid/7119/info Ximian Evolution does not properly validate MIME image/ Content-Type fields. If an email message contains an image/ Content-Type, any type of data can be embedded where the image information is expected. This can be used to embed HTML tags that...
CVE-2003-0121
Clearswift MAILsweeper 4.x allows remote attackers to bypass attachment detection via an attachment that does not specify a MIME-Version header field, which is processed by some mail clients...
Re: Corsaire Security Advisory - Clearswift MAILsweeper MIME attachme nt evasion issue
!-- Step 2: Now create a text file that will be used to hold the MIME encoded attachment. Start notepad or another text editor, and paste in: MIME-Version: 1.0 Content-Location:file:///executable.exe Content-Transfer-Encoding: base64 TVp0AQIAAAAgAAgA//8YAIAAAAAQAAIAHgAAAAEAAAAAA...
Clearswift MAILsweeper protection bypass
If MIME-Version header is missed or binary encoding is used attachments are not recognized...
.MHT Buffer Overflow in Internet Explorer
CANON SYSTEM SOLUTIONS INC. Security Alert VULNERABILITY:.MHT Buffer Overflow in Internet Explorer DATE FOUND:March 2, 2003 Severity:High Riskcode can be executed remotely ========================================================================== ==== SUMMARY: IE5 introduced the new 'Web Archive'...
Corsaire Security Advisory - Clearswift MAILsweeper MIME attachme nt evasion issue
-- Corsaire Security Advisory -- Title: Clearswift MAILsweeper MIME attachment evasion issue Date: 03.03.03 Application: Clearswift MAILsweeper 4.x Environment: Windows NT 4.0, Windows 2000, Author: Martin O'Neal [email protected] Audience: General distribution -- Scope -- The aim of this...
Clearswift MAILsweeper 4.x - MIME Attachment Filter Bypass
Clearswift MAILsweeper 4.x - MIME Attachment Filter Bypass source: https://www.securityfocus.com/bid/7044/info Clearswift MailSweeper does not properly process certain malformed MIME email message attachments. If the attachment does not contain a MIME-Version field, MailSweeper does not recognize...
Clearswift MAILsweeper 4.x - MIME Attachment Filter Bypass
source: https://www.securityfocus.com/bid/7044/info Clearswift MailSweeper does not properly process certain malformed MIME email message attachments. If the attachment does not contain a MIME-Version field, MailSweeper does not recognize the attachment as being an executable type. MailSweeper...
HSphere WebShell buffer overflow
Buffer overflow in MIME boundary...
CVE-2002-2325
The c-client library in Internet Message Access Protocol IMAP dated before 2002 RC2, as used by Pine 4.20 through 4.44, allows remote attackers to cause a denial of service client crash via a MIME-encoded email with Content-Type header containing an empty boundary field...
CVE-2002-2034
The Email Sanitizer before 1.133 for Procmail allows remote attackers to bypass the mail filter and execute arbitrary code via crafted recursive multipart MIME attachments...
DEBIAN-CVE-2002-1765
Evolution 1.0.3 and 1.0.4 allows remote attackers to cause a denial of service memory consumption and crash via an email with a malformed MIME header...
PT-2002-2497 · Symantec · Symantec Norton Antivirus
Name of the Vulnerable Software and Affected Versions: Symantec Norton AntiVirus NAV version 2002 Description: The issue allows remote attackers to bypass the initial virus scan and cause the software to prematurely stop scanning by using a non-RFC compliant MIME header. The vendor has disputed...
PT-2002-2496 · Symantec · Symantec Norton Antivirus
Name of the Vulnerable Software and Affected Versions: Symantec Norton AntiVirus version 2002 Description: The issue allows remote attackers to send viruses that bypass the e-mail scanning via a NULL character in the MIME header before the virus. However, the vendor has disputed this issue,...
CVE-2002-1307
Cross-site scripting vulnerability XSS in MHonArc 2.5.12 and earlier allows remote attackers to insert script or HTML via an email message with the script in a MIME header name...