Vulnerability Details CVE-2007-3803
The SMTP ALG in Clavister CorePlus before 8.80.04, and 8.81.00, does not properly parse SMTP commands in certain circumstances, which allows remote attackers to bypass address blacklists.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.4%
CVSS Severity
CVSS v2 Score 10.0
References
- http://osvdb.org/37974
- http://secunia.com/advisories/25957
- http://www.clavister.com/releasenotes/CorePlus_Release_Notes_8_80_04.pdf
- http://www.clavister.com/releasenotes/CorePlus_Release_Notes_8_81_01.pdf
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35371
- http://osvdb.org/37974
- http://secunia.com/advisories/25957
- http://www.clavister.com/releasenotes/CorePlus_Release_Notes_8_80_04.pdf
- http://www.clavister.com/releasenotes/CorePlus_Release_Notes_8_81_01.pdf
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35371
Products affected by CVE-2007-3803
-
cpe:2.3:a:clavister:clavister_coreplus:*