CVE-2004-0162 — Mailsweeper vulnerability

3 documents3 sources

Severity

7.5HIGHNVD

EPSS

0.3%

top 43.12%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Clearswift Mailsweeper F-secure Internet Gatekeeper Paul L Daniels Ripmime

Timeline

PublishedOct 20

Latest updateApr 29

Description

Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME encapsulation that uses RFC822 comment fields, which may be interpreted as other fields by mail clients.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages3 packages

▶NVDclearswift/mailsweeper7 versions+6

▶NVDpaul_l_daniels/ripmime11 versions+10

▶NVDf-secure/internet_gatekeeper4 versions+3

🔴Vulnerability Details

GHSA

GHSA-c2p9-h4wr-rxvg: Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME encapsulation that uses RFC822↗2022-04-29

▶

CVEList

CVE-2004-0162: Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME encapsulation that uses RFC822↗2004-09-24

▶