CVE-2003-1016Mailsweeper vulnerability

3 documents3 sources
Severity
7.5HIGHNVD
EPSS
0.3%
top 43.12%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Clearswift MailsweeperF-secure Internet GatekeeperPaul L Daniels Ripmime
Timeline
PublishedOct 20
Latest updateApr 29

Description

Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use malformed quoting in MIME headers, parameters, and values, including (1) fields that should not be quoted, (2) duplicate quotes, or (3) missing leading or trailing quote characters, which may be interpreted differently by mail clients.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages3 packages

NVDpaul_l_daniels/ripmime11 versions+10
NVDclearswift/mailsweeper7 versions+6

🔴Vulnerability Details

2
GHSA
GHSA-4hc7-ghcx-6x92: Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use malformed qu2022-04-29
CVEList
CVE-2003-1016: Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use malformed qu2004-09-24
CVE-2003-1016 — Clearswift Mailsweeper vulnerability | cvebase