Vulnerability Description
MAILsweeper for SMTP 4.3.6 and 4.3.7 allows remote attackers to cause a denial of service (CPU consumption) via a PowerPoint attachment that either (1) is corrupt or (2) contains "embedded objects."
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | All Windows | All versions |
| Clearswift | Mailsweeper For Smtp | 4.3.6 |
Related Weaknesses (CWE)
References
- http://www.clearswift.com/download/bin/Patches/ReadMe_SMTP_438.htm
- http://www.securityfocus.com/bid/7562
- https://exchange.xforce.ibmcloud.com/vulnerabilities/12052
- http://www.clearswift.com/download/bin/Patches/ReadMe_SMTP_438.htm
- http://www.securityfocus.com/bid/7562
- https://exchange.xforce.ibmcloud.com/vulnerabilities/12052
FAQ
What is CVE-2003-1477?
CVE-2003-1477 is a vulnerability with a CVSS score of 7.8 (HIGH). MAILsweeper for SMTP 4.3.6 and 4.3.7 allows remote attackers to cause a denial of service (CPU consumption) via a PowerPoint attachment that either (1) is corrupt or (2) contains "embedded objects."
How severe is CVE-2003-1477?
CVE-2003-1477 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-1477?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft All Windows, Clearswift Mailsweeper For Smtp.