CVE-2005-3573

14 documents7 sources
Severity
5.0MEDIUM
EPSS
5.7%
top 9.55%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
GNU Mailman
Timeline
PublishedNov 16
Latest updateMay 3

Description

Scrubber.py in Mailman 2.1.5-8 does not properly handle UTF8 character encodings in filenames of e-mail attachments, which allows remote attackers to cause a denial of service (application crash).

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

Debianmailman< 2.1.5-10
NVDgnu/mailman22 versions+21

🔴Vulnerability Details

3
GHSA
GHSA-p59g-55fw-7q46: Scrubber2022-05-03
OSV
CVE-2005-3573: Scrubber2005-11-16
CVEList
CVE-2005-3573: Scrubber2005-11-16

📋Vendor Advisories

3
Ubuntu
mailman vulnerabilities2006-01-16
Red Hat
security flaw2005-09-12
Red Hat
security flaw2005-09-01

💬Community

7
Bugzilla
CVE-2005-4153 security flaw2018-08-16
Bugzilla
CVE-2005-3573 security flaw2018-08-16
Bugzilla
CVE-2006-0052 Mailman DoS, CVE-2006-1712 Mailman cross site scripting bug and CVE-2005-3573 Mailman Denial of Service (CVE-2005-4153); also CAN-2004-1177 Cross-site scripting (XSS) vulnerability2006-06-02
Bugzilla
CVE-2005-4153 Mailman DOS2005-12-19
Bugzilla
CVE-2005-3573 Mailman Denial of Service2005-11-25