5 results (0.003 seconds)

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

Clearswift MAILsweeper for SMTP before 4.3.20 and MAILsweeper for Exchange before 4.3.20 allows remote attackers to bypass the "text analysis", possibly bypassing SPAM and other filters, by sending an e-mail specifying a non-existent or unrecognized character set. Clearswift MAILsweeper para SMTP anterior a v4.3.20 y MAILsweeper para Exchange anterior a anterior a v4.3.20 permite a atacantes remotos evitar el "text analysis", posiblemente evitando SPAM y otros filtros, mediante el envió de un e-mail especificando un conjunto de caracteres no existente. • http://download.mimesweeper.com/www/TechnicalDocumentation/ReadMe_MSW_4%2C3%2C20.htm http://secunia.com/advisories/20756 http://www.osvdb.org/26737 http://www.securityfocus.com/bid/18584 http://www.vupen.com/english/advisories/2006/2473 https://exchange.xforce.ibmcloud.com/vulnerabilities/27301 •

CVSS: 5.0EPSS: 3%CPEs: 2EXPL: 0

Clearswift MAILsweeper for SMTP before 4.3.20 and MAILsweeper for Exchange before 4.3.20 allows remote attackers to cause a denial of service via (1) non-ASCII characters in a reverse DNS lookup result from a Received header, which leads to a Receiver service stop, and (2) unspecified vectors involving malformed messages, which causes "unpredictable behavior" that prevents the Security service from processing more messages. Clearswift MAILsweeper para SMTP anterior a v4.3.20 y MAILsweeper para Exchange anterior a v4.3.20 permite a atacantes remotos provocar una denegación de servicio a través de (1) caracteres "no-ASCII" en un resultado de búsqueda de DNS inversa desde una cabecera Received, que lleva a una parada del servicio Receiver, y (2) vectores sin especificar que tienen que ver con mensajes mal formados que provocan un "comportamiento impredecible" que impide al servicio Security procesar más mensajes • http://download.mimesweeper.com/www/TechnicalDocumentation/ReadMe_MSW_4%2C3%2C20.htm http://secunia.com/advisories/20756 http://www.osvdb.org/26738 http://www.osvdb.org/26739 http://www.securityfocus.com/bid/18584 http://www.vupen.com/english/advisories/2006/2473 https://exchange.xforce.ibmcloud.com/vulnerabilities/27303 https://exchange.xforce.ibmcloud.com/vulnerabilities/27305 •

CVSS: 4.3EPSS: 5%CPEs: 4EXPL: 0

Clearswift MIMEsweeper 5.0.5, when it has been upgraded from MAILsweeper for SMTP version 4.3 or MAILsweeper Business Suite I or II, allows remote attackers to bypass scanning by including encrypted data in a mail message, which causes the message to be marked as "Clean" instead of "Encrypted". • http://download.mimesweeper.com/www/TechnicalDocumentation/MSWSMTP505UpdateReadMe.htm http://secunia.com/advisories/13160 http://www.osvdb.org/11602 http://www.securityfocus.com/bid/11669 https://exchange.xforce.ibmcloud.com/vulnerabilities/18035 • CWE-310: Cryptographic Issues •

CVSS: 7.8EPSS: 1%CPEs: 3EXPL: 0

MAILsweeper for SMTP 4.3.6 and 4.3.7 allows remote attackers to cause a denial of service (CPU consumption) via a PowerPoint attachment that either (1) is corrupt or (2) contains "embedded objects." • http://www.clearswift.com/download/bin/Patches/ReadMe_SMTP_438.htm http://www.securityfocus.com/bid/7562 https://exchange.xforce.ibmcloud.com/vulnerabilities/12052 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

MAILsweeper for SMTP 3.x does not properly handle corrupt CDA documents in a ZIP file and hangs, which allows remote attackers to cause a denial of service. • http://archives.neohapsis.com/archives/ntbugtraq/2000-q3/0181.html https://exchange.xforce.ibmcloud.com/vulnerabilities/5641 •