漏洞信息详情
Clearswift MailSweeper附录文件名验证漏洞
- CNNVD编号:CNNVD-200312-120 <!--
- 危害等级: 中危-->
- 危害等级: 中危
- CVE编号: CVE-2003-1485
- 漏洞类型: 输入验证
- 发布时间: 2003-12-31
- 威胁类型: 远程
- 更新时间: 2003-12-31
- 厂 商: clearswift
- 漏洞来源: Clearswift
-
漏洞简介
Clearswift MAILsweeper 4.0 到4.3.7版本存在漏洞。远程攻击者借助包含“multiple extensions combined with large blocks of white space”的文件附录绕过滤波。
漏洞公告
The vendor has released fixes to address this issue. A patch available to upgrade the system to 4.3.8 can only be applied to the 4.3.7 release of the software. More information is available from the vendor, and also the referenced bug report link. Clearswift MailSweeper 4.0
- Clearswift MailSweeper 4.3.8 http://www.clearswift.com
- Clearswift MailSweeper 4.3.8 http://www.clearswift.com
- Clearswift MailSweeper 4.3.8 http://www.clearswift.com
- Clearswift MailSweeper 4.3.8 http://www.clearswift.com
- Clearswift MailSweeper 4.3.8 http://www.clearswift.com
- Clearswift MailSweeper 4.3.8 http://www.clearswift.com
- Clearswift MailSweeper 4.3.8 http://www.clearswift.com
- Clearswift MailSweeper 4.3.8 http://www.clearswift.com
- Clearswift MailSweeper 4.3.8 http://www.clearswift.com
- Clearswift MailSweeper 4.3.8 http://www.clearswift.com
参考网址
来源: BID 名称: 7568 链接:http://www.securityfocus.com/bid/7568
受影响实体
- Clearswift Mailsweeper:4.0<!--2000-1-1-->
- Clearswift Mailsweeper:4.3.7<!--2000-1-1-->
- Clearswift Mailsweeper:4.3.6<!--2000-1-1-->
- Clearswift Mailsweeper:4.3.6_sp1<!--2000-1-1-->
- Clearswift Mailsweeper:4.3.5<!--2000-1-1-->
补丁
暂无
还没有评论,来说两句吧...