16 matches found
CVE-2004-0234
CVE-2004-0234: LHA 1.14 contains multiple stack-based buffer overflows in get_header() of header.c, allowing remote attackers or local users to execute arbitrary code via long directory/file names in an LHA archive. The issue affects LHA as used in products such as Barracuda Spam Firewall; overfl...
CVE-2004-0235
CVE-2004-0235 impacts LHa (LHA) 1.14.x releases. Multiple directory traversal vulnerabilities allow remote attackers or local users to create arbitrary files via an archive containing filenames with .. sequences or absolute paths (//absolute/path). The issue affects LHA 1.14 (and related variants...
CVE-2003-1015
CVE-2003-1015: Affects multiple content security gateway and antivirus products. Issue: MIME messages that use whitespace in an unusual fashion may be interpreted differently by mail clients, allowing bypass of content restrictions (vulnerability in how MIME is parsed). Impact: potential bypass o...
CVE-2003-0928
CVE-2003-0928 concerns Clearswift MAILsweeper prior to 4.3.15. The issue is that the product does not properly detect and filter RAR 3.20 encoded files, allowing remote attackers to bypass the product’s policy enforcement. The core impact is the circumvention of policy controls, enabling content ...
CVE-2004-0162
The CVE-2004-0162 entry describes a vulnerability in multiple content security gateway and antivirus products where MIME encapsulation using RFC822 comment fields can be misinterpreted by mail clients, allowing bypass of content restrictions. The affected software is referred to generically (mult...
CVE-2004-0161
The CVE-2004-0161 issue affects multiple content security gateway and antivirus products. The vulnerability allows remote attackers to bypass content restrictions by sending MIME messages encoded with RFC2231, which can be interpreted differently by mail clients. The NVD entry shows a base CVSS v...
CVE-2004-0052
CVE-2004-0052 concerns multiple content security gateways and antivirus products. It describes bypassing content restrictions via MIME messages that use non-standard separator characters or misuse standard separators in MIME headers/fields/parameters, leading to potential partial exposure of conf...
CVE-2004-0051
CVE-2004-0051 affects multiple content security gateway and antivirus products. The issue arises from MIME Content-Transfer-Encoding values that are non-standard but widely supported (uuencode, mac-binhex40, yenc), which may be interpreted differently by mail clients and allow remote attackers to...
CVE-2004-0053
The CVE-2004-0053 issue affects multiple content security gateway and antivirus products, where RFC2047-encoded MIME fields can be interpreted differently by mail clients, enabling remote attackers to bypass content restrictions. The root cause is inconsistent handling/interpretation of RFC2047 e...
CVE-2003-0929
The provided data shows a concrete vulnerability: Clearswift MAILsweeper before version 4.3.15 fails to properly detect and filter ZIP 6.0 encoded files, allowing remote attackers to bypass policy. Affected product: MAILsweeper (SMTP) pre-4.3.15. Impact per sources: partial confidentiality, integ...
CVE-2003-0930
CVE-2003-0930 affects Clearswift MAILsweeper prior to version 4.3.15 and arises from incorrect detection of filenames in BinHex (HQX) encoded files, allowing remote attackers to bypass the product’s policy enforcement. The vulnerability is exploitable remotely by sending HQX-encoded content, with...
CVE-2003-0121
CVE-2003-0121 affects Clearswift MAILsweeper 4.x. The issue is a MIME-attachment evasion where an attachment lacking a MIME-Version header can bypass detection by some mail clients, allowing the attacker to pass the attachment unrecognized. The NVD entry notes a network-path attack with low compl...
CVE-2003-1154
CVE-2003-1154 affects MAILsweeper for SMTP 4.3. remote attackers could bypass virus protection by sending a mail with a malformed ZIP attachment, exploiting certain MIMAIL variants. The cited documents do not provide the vulnerable version ranges beyond 4.3, nor a confirmed patch or workaround. N...
CVE-2004-2328
The CVE concerns Clearswift MAILsweeper for SMTP prior to version 4.3_13. It is triggered by processing an e-mail with a crafted RAR archive attached, causing an infinite loop and resulting in a denial of service. The vulnerability affects the SMTP‑scanning path of MAILsweeper and is described in...
CVE-2003-1016
The CVE-2003-1016 entry describes a vulnerability in multiple content security gateway and antivirus products where remote attackers can bypass content restrictions by sending MIME messages with malformed quoting in headers/parameters/values. The issue arises from fields that should not be quoted...
CVE-2003-1485
The CVE-2003-1485 entry concerns Clearswift MAILsweeper versions 4.0–4.3.7, where remote attackers can bypass mail filtering by sending a file attachment that uses “multiple extensions combined with large blocks of white space.” The connected sources confirm the affected product family and the by...