Vulnerability Description
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard but frequently supported Content-Transfer-Encoding values such as (1) uuencode, (2) mac-binhex40, and (3) yenc, which may be interpreted differently by mail clients.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Clearswift | Mailsweeper | 4.3.7 |
| F-Secure | Internet Gatekeeper | 6.3 |
| Paul L Daniels | Ripmime | 1.2.0 |
References
- http://marc.info/?l=bugtraq&m=109517788100063&w=2
- http://www.uniras.gov.uk/vuls/2004/380375/mime.htmVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17337
- http://marc.info/?l=bugtraq&m=109517788100063&w=2
- http://www.uniras.gov.uk/vuls/2004/380375/mime.htmVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17337
FAQ
What is CVE-2004-0051?
CVE-2004-0051 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard but frequently supported Content-Transfer-Encodin...
How severe is CVE-2004-0051?
CVE-2004-0051 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-0051?
Check the references section above for vendor advisories and patch information. Affected products include: Clearswift Mailsweeper, F-Secure Internet Gatekeeper, Paul L Daniels Ripmime.