Vulnerability Details CVE-2003-1330
Clearswift MAILsweeper for SMTP 4.3.6 SP1 does not execute custom "on strip unsuccessful" hooks, which allows remote attackers to bypass e-mail attachment filtering policies via an attachment that MAILsweeper can detect but not remove.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.2%
CVSS Severity
CVSS v2 Score 5.0
References
- http://www.mimesweeper.com/download/bin/Patches/MAILsweeper_Patches_301_ReadMe.htm
- http://www.securityfocus.com/bid/7226
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11745
- http://www.mimesweeper.com/download/bin/Patches/MAILsweeper_Patches_301_ReadMe.htm
- http://www.securityfocus.com/bid/7226
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11745
Products affected by CVE-2003-1330
-
cpe:2.3:a:clearswift_limited:mailsweeper:4.3.6_sp1
-
cpe:2.3:o:microsoft:all_windows:*