Ritlabs: >> The Bat >> 3.0.0.8 Security Vulnerabilities
RITLabs The Bat! before 3.0.0.15 displays certain important headers from encapsulated data in message/partial MIME messages, instead of the real headers, which is in violation of RFC2046 header merging rules and allows remote attackers to spoof the origin of e-mail by sending a fragmented message, as demonstrated using spoofed Received: and Message-ID: headers.
CVSS Score
5.0
EPSS Score
0.007
Published
2006-02-10