Vulnerability Details CVE-2007-3803
The SMTP ALG in Clavister CorePlus before 8.80.04, and 8.81.00, does not properly parse SMTP commands in certain circumstances, which allows remote attackers to bypass address blacklists.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 77.8%
CVSS Severity
CVSS v2 Score 10.0
References
- http://osvdb.org/37974
- http://secunia.com/advisories/25957
- http://www.clavister.com/releasenotes/CorePlus_Release_Notes_8_80_04.pdf
- http://www.clavister.com/releasenotes/CorePlus_Release_Notes_8_81_01.pdf
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35371
- http://osvdb.org/37974
- http://secunia.com/advisories/25957
- http://www.clavister.com/releasenotes/CorePlus_Release_Notes_8_80_04.pdf
- http://www.clavister.com/releasenotes/CorePlus_Release_Notes_8_81_01.pdf
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35371
Products affected by CVE-2007-3803
-
cpe:2.3:a:clavister:clavister_coreplus:*