Security Bulletin MS01-020

Title: Incorrect MIME Header Can Cause IE to Execute E-mail Attachment Date: 29 March 2001 Software: Microsoft Internet Explorer Impact: Run code of attacker's choice. Bulletin: MS01-020 Microsoft encourages customers to review the Security Bulletin at:...

Проблема с InoculateIT

InoculateIT для Exchange не будет проверять файлы прикрепленные к письму, если в письме отсутствует RFC-822 заголовок From:, если сообщение содержит только прикрепленный файл, если есть вложенные сообщения или если письмо должно придти в папку отличную от Inbox...

Ipswitch IMail 6.x - File Attachment

source: https://www.securityfocus.com/bid/1617/info IPSWITCH ships a product titled IMail, an email server for usage on NT servers serving clients their mail via a web interface. To this end the IMail server provides a web server typically running on port 8383 for it's end users to access. Via th...

CVE-2000-0614

The CVE-2000-0614 entry concerns the TNEF program on Linux systems, where remote attackers can overwrite arbitrary files by sending TNEF-encoded compressed attachments that specify absolute paths for decompressed output. The NVD metrics indicate high severity with network attack vector, no authen...

CVE-2000-0342

CVE-2000-0342 (Eudora 4.x) describes a vulnerability where remote attackers can bypass the user warning for executable attachments (.exe, .com, .bat) by using a .lnk file that references the attachment, a.k.a. “Stealth Attachment.” The linked PT-2000-1308 entry confirms the affected software as E...

CVE-2000-0614

Tnef program in Linux systems allows remote attackers to overwrite arbitrary files via TNEF encoded compressed attachments which specify absolute path names for the decompressed output...

PT-2000-1014 · Qualcomm · Eudora

Name of the Vulnerable Software and Affected Versions: Eudora version 4.1 Description: The issue allows remote attackers to perform a denial of service by sending attachments with long file names. Recommendations: For Eudora version 4.1, consider restricting the acceptance of attachments with lon...

CVE-2000-0342

Eudora 4.x allows remote attackers to bypass the user warning for executable attachments such as .exe, .com, and .bat by using a .lnk file that refers to the attachment, aka "Stealth Attachment."...

PT-2000-1308 · Qualcomm · Eudora

Name of the Vulnerable Software and Affected Versions: Eudora versions 4.x Description: The issue allows remote attackers to bypass the user warning for executable attachments such as .exe, .com, and .bat by using a .lnk file that refers to the attachment. This is also known as "Stealth...

CVE-2000-0033

InterScan VirusWall SMTP scanner does not properly scan messages with malformed attachments...

winmail305.txt

I found some vulnerabilities if windmail run as a CGI application.tested On WindowsNT 4.0, Windmail 3.05 successfully. WindMail is a 32-bit Windows console program by geocel that gives you command-line e-mail messaging capability. You can download an evaluation copy of WindMail 3.0 at:...

FreeBSD-SA-00:07.mh

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:07 Security Advisory FreeBSD, Inc. Topic: mh/nmh/exmh/exmh2 ports allow remote execution of binary code Category: ports Module: mh/nmh/exmh/exmh2 Announced: 2000-03-15...

CVE-1999-0427

Eudora 4.1 allows remote attackers to perform a denial of service by sending attachments with long file names...

CVE-2000-0033

InterScan VirusWall SMTP scanner does not properly scan messages with malformed attachments...

BTD Studio Zom-Mail 1.0.9 - Remote Buffer Overflow

// source: https://www.securityfocus.com/bid/761/info In certain versions of the BTD Zom-Mail server there exists a buffer overflow which may be remotely exploitable by malicious users. The problem in question is in the handling of overly past 256 chars long file names for file attachments...

CVE-1999-0065

Multiple buffer overflows in how dtmail handles attachments allows a remote attacker to execute commands...

solaris-dtmail-bof.txt

Solaris DTmail vulnerable to buffer overflow attack. DTmail - a program that acts as a mail user agent for the Common Desktop Environment CDE - is vulnerable to a buffer overflow attack which might cause the execution of arbitrary code with the privileges of the user "mail" and that of the actual...

melissa.txt

http://www.melissavirus.com/ ----------------------------------------------------------------- Date: Mon, 5 Apr 1999 05:01:14 -0700 From: [email protected] Subject: Information Security Educators Mailing List 1999-03-30 --------------------------------------------- From: "Rob Slade, doting grandpa o...

CVE-1999-1017

Seattle Labs Emurl 2.0, and possibly earlier versions, stores e-mail attachments in a specific directory with scripting enabled, which allows a malicious ASP file attachment to execute when the recipient opens the message...

Security Update For Exchange Server 2013 CU12 (KB3184736)

This security update resolves vulnerabilities in Microsoft Exchange Server. The most severe of the vulnerabilities could allow remote code execution in some Oracle Outside In libraries that are built into Exchange Server if an attacker sends an email with a specially crafted attachment to a...