// For flags

CVE-2002-1121

 

Severity Score

7.5
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

SMTP content filter engines, including (1) GFI MailSecurity for Exchange/SMTP before 7.2, (2) InterScan VirusWall before 3.52 build 1494, (3) the default configuration of MIMEDefang before 2.21, and possibly other products, do not detect fragmented emails as defined in RFC2046 ("Message Fragmentation and Reassembly") and supported in such products as Outlook Express, which allows remote attackers to bypass content filtering, including virus checking, via fragmented emails of the message/partial content type.

motores de filtrado de contenido SMTP, incluyendo
GFI MailSecurity para Exchange/SMTP anteriores a 7.2
InterScan VirusWall anteriores a 3.52 compilación 1494
la configuración por defecto de MIMEDefang anteriores a 2.21
y posiblemente otros productos, no detectan correos electrónicos fragmentados como se define en la RFC2046 ("Fragmentación y ensamblaje de Mensajes"), y soportado en productos como Outlook Express, lo que permite a atacantes remotos evitar el filtrado de contenido, incluyendo la comprobación de virus, mediante correos fragmentados con el tipo de contenido message/partial.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2002-09-11 CVE Reserved
  • 2002-09-14 CVE Published
  • 2023-07-13 EPSS Updated
  • 2024-08-08 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Gfi
Search vendor "Gfi"
Mailsecurity
Search vendor "Gfi" for product "Mailsecurity"
7.2
Search vendor "Gfi" for product "Mailsecurity" and version "7.2"
exchange_smtp
Affected
Network Associates
Search vendor "Network Associates"
Webshield Smtp
Search vendor "Network Associates" for product "Webshield Smtp"
4.0.5
Search vendor "Network Associates" for product "Webshield Smtp" and version "4.0.5"
-
Affected
Network Associates
Search vendor "Network Associates"
Webshield Smtp
Search vendor "Network Associates" for product "Webshield Smtp"
4.5
Search vendor "Network Associates" for product "Webshield Smtp" and version "4.5"
-
Affected
Network Associates
Search vendor "Network Associates"
Webshield Smtp
Search vendor "Network Associates" for product "Webshield Smtp"
4.5.44
Search vendor "Network Associates" for product "Webshield Smtp" and version "4.5.44"
-
Affected
Network Associates
Search vendor "Network Associates"
Webshield Smtp
Search vendor "Network Associates" for product "Webshield Smtp"
4.5.74.0
Search vendor "Network Associates" for product "Webshield Smtp" and version "4.5.74.0"
-
Affected
Roaring Penguin
Search vendor "Roaring Penguin"
Canit
Search vendor "Roaring Penguin" for product "Canit"
1.2
Search vendor "Roaring Penguin" for product "Canit" and version "1.2"
-
Affected
Roaring Penguin
Search vendor "Roaring Penguin"
Mimedefang
Search vendor "Roaring Penguin" for product "Mimedefang"
2.14
Search vendor "Roaring Penguin" for product "Mimedefang" and version "2.14"
-
Affected
Roaring Penguin
Search vendor "Roaring Penguin"
Mimedefang
Search vendor "Roaring Penguin" for product "Mimedefang"
2.20
Search vendor "Roaring Penguin" for product "Mimedefang" and version "2.20"
-
Affected
Trend Micro
Search vendor "Trend Micro"
Interscan Viruswall
Search vendor "Trend Micro" for product "Interscan Viruswall"
3.5
Search vendor "Trend Micro" for product "Interscan Viruswall" and version "3.5"
-
Affected
Trend Micro
Search vendor "Trend Micro"
Interscan Viruswall
Search vendor "Trend Micro" for product "Interscan Viruswall"
3.51
Search vendor "Trend Micro" for product "Interscan Viruswall" and version "3.51"
-
Affected
Trend Micro
Search vendor "Trend Micro"
Interscan Viruswall
Search vendor "Trend Micro" for product "Interscan Viruswall"
3.52
Search vendor "Trend Micro" for product "Interscan Viruswall" and version "3.52"
-
Affected