Vulnerability Description
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard separator characters, or use standard separators incorrectly, within MIME headers, fields, parameters, or values, which may be interpreted differently by mail clients.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Clearswift | Mailsweeper | 4.3.7 |
| F-Secure | Internet Gatekeeper | 6.3 |
| Paul L Daniels | Ripmime | 1.2.0 |
References
- http://marc.info/?l=bugtraq&m=109517669115891&w=2
- http://www.uniras.gov.uk/vuls/2004/380375/mime.htmVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17334
- http://marc.info/?l=bugtraq&m=109517669115891&w=2
- http://www.uniras.gov.uk/vuls/2004/380375/mime.htmVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17334
FAQ
What is CVE-2004-0052?
CVE-2004-0052 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard separator characters, or use standard separators ...
How severe is CVE-2004-0052?
CVE-2004-0052 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-0052?
Check the references section above for vendor advisories and patch information. Affected products include: Clearswift Mailsweeper, F-Secure Internet Gatekeeper, Paul L Daniels Ripmime.