28 results (0.018 seconds)

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0

Clearswift MIMEsweeper for Web before 5.1.15 Hotfix allows remote attackers to cause a denial of service (crash) via an encrypted archived .RAR file, which triggers a scan error and causes the Web Policy Engine service to terminate. Clearswift MIMEsweeper para Web antes de 5.1.15 Hotfix permite a atacantes remotos provocar una denegación de servicio (caída) a través de un archivo .RAR encriptado archivado, lo que dispara un error de escaneado y provoca que termine el servicio de Web Policy Engine (Motor de Política Web). • http://download.mimesweeper.com/www/TechnicalDocumentation/WebReadMeHotfix5115.htm http://secunia.com/advisories/20998 http://www.vupen.com/english/advisories/2006/2731 https://exchange.xforce.ibmcloud.com/vulnerabilities/27643 •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Cross-site scripting (XSS) vulnerability in Clearswift MIMEsweeper for Web before 5.1.15 Hotfix allows remote attackers to inject arbitrary web script or HTML via the URL, which is reflected back in an error message when trying to access a blocked web site. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Clearswift MIMEsweeper for Web versiones anteriores a 5.1.15 Hotfix, permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través de la URL, se ve reflejado en un mensaje de error cuando se intenta acceder a un sitio web bloqueado. • http://download.mimesweeper.com/www/TechnicalDocumentation/WebReadMeHotfix5115.htm http://marc.info/?l=full-disclosure&m=115249298204354&w=2 http://marc.info/?l=full-disclosure&m=115253320721404&w=2 http://marc.info/?l=full-disclosure&m=115253898206225&w=2 http://secunia.com/advisories/20998 http://securitytracker.com/id?1016454 http://www.securityfocus.com/archive/1/439641/100/0/threaded http://www.securityfocus.com/archive/1/440140/100/0/threaded http://www.securityfocus.com/bid&#x •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

Clearswift MAILsweeper for SMTP before 4.3.20 and MAILsweeper for Exchange before 4.3.20 allows remote attackers to bypass the "text analysis", possibly bypassing SPAM and other filters, by sending an e-mail specifying a non-existent or unrecognized character set. Clearswift MAILsweeper para SMTP anterior a v4.3.20 y MAILsweeper para Exchange anterior a anterior a v4.3.20 permite a atacantes remotos evitar el "text analysis", posiblemente evitando SPAM y otros filtros, mediante el envió de un e-mail especificando un conjunto de caracteres no existente. • http://download.mimesweeper.com/www/TechnicalDocumentation/ReadMe_MSW_4%2C3%2C20.htm http://secunia.com/advisories/20756 http://www.osvdb.org/26737 http://www.securityfocus.com/bid/18584 http://www.vupen.com/english/advisories/2006/2473 https://exchange.xforce.ibmcloud.com/vulnerabilities/27301 •

CVSS: 5.0EPSS: 3%CPEs: 2EXPL: 0

Clearswift MAILsweeper for SMTP before 4.3.20 and MAILsweeper for Exchange before 4.3.20 allows remote attackers to cause a denial of service via (1) non-ASCII characters in a reverse DNS lookup result from a Received header, which leads to a Receiver service stop, and (2) unspecified vectors involving malformed messages, which causes "unpredictable behavior" that prevents the Security service from processing more messages. Clearswift MAILsweeper para SMTP anterior a v4.3.20 y MAILsweeper para Exchange anterior a v4.3.20 permite a atacantes remotos provocar una denegación de servicio a través de (1) caracteres "no-ASCII" en un resultado de búsqueda de DNS inversa desde una cabecera Received, que lleva a una parada del servicio Receiver, y (2) vectores sin especificar que tienen que ver con mensajes mal formados que provocan un "comportamiento impredecible" que impide al servicio Security procesar más mensajes • http://download.mimesweeper.com/www/TechnicalDocumentation/ReadMe_MSW_4%2C3%2C20.htm http://secunia.com/advisories/20756 http://www.osvdb.org/26738 http://www.osvdb.org/26739 http://www.securityfocus.com/bid/18584 http://www.vupen.com/english/advisories/2006/2473 https://exchange.xforce.ibmcloud.com/vulnerabilities/27303 https://exchange.xforce.ibmcloud.com/vulnerabilities/27305 •

CVSS: 5.0EPSS: 1%CPEs: 7EXPL: 1

Clearswift MIMEsweeper For Web (a.k.a. WEBsweeper) 4.0 through 5.1 allows remote attackers to bypass filtering via a URL that does not include a .exe extension but returns an executable file. • http://www.digitalarmaments.com/2005161283546323.html http://www.securityfocus.com/archive/1/419904/100/0/threaded http://www.securityfocus.com/bid/15982 https://exchange.xforce.ibmcloud.com/vulnerabilities/23867 •