CVE-2008-5427
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
Norton Antivirus in Norton Internet Security 15.5.0.23 does not properly handle (1) multipart/mixed e-mail messages with many MIME parts and possibly (2) e-mail messages with many "Content-type: message/rfc822;" headers, which allows remote attackers to cause a denial of service (stack consumption or other resource consumption) via a large e-mail message, a related issue to CVE-2006-1173.
Norton Antivirus en Norton Internet Security v15.5.0.231 no gestiona apropiadamente (1) mensajes de correo multipart/mixed con muchas partes MIME y posiblemente (2) mensajes de correo electrónico con muchas cabeceras "Content-type: message/rfc822;", lo que permite a atacantes remotos provocar una denegación de servicio (consumo de pila o consumo de otros recursos) mediante un correo electrónico de gran tamaño, un problema relacionado a CVE-2006-1173.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2008-12-11 CVE Reserved
- 2008-12-11 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-399: Resource Management Errors
CAPEC
References (4)
URL | Tag | Source |
---|---|---|
http://securityreason.com/securityalert/4721 | Third Party Advisory | |
http://www.securityfocus.com/archive/1/499038/100/0/threaded | Mailing List | |
http://www.securityfocus.com/archive/1/499045/100/0/threaded | Mailing List |
URL | Date | SRC |
---|---|---|
http://mime.recurity.com/cgi-bin/twiki/view/Main/AttackIntro | 2024-08-07 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Symantec Search vendor "Symantec" | Norton Internet Security 2008 Search vendor "Symantec" for product "Norton Internet Security 2008" | 15.5.0.23 Search vendor "Symantec" for product "Norton Internet Security 2008" and version "15.5.0.23" | - |
Affected
|