Page 4 of 28 results (0.004 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Clearswift MAILsweeper before 4.3.15 does not properly detect and filter RAR 3.20 encoded files, which allows remote attackers to bypass intended policy. Clearswift MAILsweepe anteriores a 4.3.15 no detecta y filtra adecuadamente ficheros codificados RAR 3.20, lo que permite a atacantes remotos saltarse la política pretendida. • http://marc.info/?l=bugtraq&m=109241692108678&w=2 http://www.corsaire.com/advisories/c030807-001.txt •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Clearswift MAILsweeper before 4.3.15 does not properly detect filenames in BinHex (HQX) encoded files, which allows remote attackers to bypass intended policy. Clearswift MAILsweeper anteriores a 4.3.15 no detecta nombres de fichero en ficheros codificados BinHex (HQX), lo que permite a atacantes remotos sortear la política pretendida. • http://marc.info/?l=bugtraq&m=109241692108678&w=2 http://www.corsaire.com/advisories/c030807-001.txt •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Clearswift MAILsweeper before 4.3.15 does not properly detect and filter ZIP 6.0 encoded files, which allows remote attackers to bypass intended policy. Cleanswift MAILsweeper anteriores a 4.3.15 no detectan y filtran de manera adecuada ficheros codificados ZIP 6.0, lo que permite a atacantes remotos saltarse la política pretendida. • http://marc.info/?l=bugtraq&m=109241692108678&w=2 http://www.corsaire.com/advisories/c030807-001.txt •

CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 2

Directory traversal vulnerability in MIMEsweeper for Web before 5.0.4 allows remote attackers or local users to read arbitrary files via "..\\", "..\", and similar dot dot sequences in the URL. • http://marc.info/?l=bugtraq&m=109224211512029&w=2 http://marc.info/?l=bugtraq&m=109225567212978&w=2 http://packetstormsecurity.nl/0408-exploits/clearswift.txt http://secunia.com/advisories/12273 http://www.securityfocus.com/bid/10918 https://exchange.xforce.ibmcloud.com/vulnerabilities/16960 •

CVSS: 6.4EPSS: 0%CPEs: 50EXPL: 1

Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path"). Múltiples vulnerabilidades de atravesamiento de directorios en LHA 1.14 permite a atacantes locales o usuarios locales crear ficheros arbitrarios mediante un archivo LHA conteniendo nombres de fichero con secuencias (1) ".." (punto punto) o (2) rutas absolutas con barra inicial doble ("//ruta/absoluta"). • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000840 http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html http://marc.info/?l=bugtraq&m=108422737918885&w=2 http://security.gentoo.org/glsa/glsa-200405-02.xml http://www.debian.org/security/2004/dsa-515 http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html http://www.redhat.com/support/errata/RHSA-2004-178.html http://www.redhat.com/support/errata/RHSA-2004-179.html h •