Vulnerability Description
Clearswift MIMEsweeper for Web before 5.1.15 Hotfix allows remote attackers to cause a denial of service (crash) via an encrypted archived .RAR file, which triggers a scan error and causes the Web Policy Engine service to terminate.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Clearswift | Mimesweeper For Web | <= 5.1.14 |
References
- http://download.mimesweeper.com/www/TechnicalDocumentation/WebReadMeHotfix5115.h
- http://secunia.com/advisories/20998Patch
- http://www.vupen.com/english/advisories/2006/2731
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27643
- http://download.mimesweeper.com/www/TechnicalDocumentation/WebReadMeHotfix5115.h
- http://secunia.com/advisories/20998Patch
- http://www.vupen.com/english/advisories/2006/2731
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27643
FAQ
What is CVE-2006-3523?
CVE-2006-3523 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Clearswift MIMEsweeper for Web before 5.1.15 Hotfix allows remote attackers to cause a denial of service (crash) via an encrypted archived .RAR file, which triggers a scan error and causes the Web Pol...
How severe is CVE-2006-3523?
CVE-2006-3523 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-3523?
Check the references section above for vendor advisories and patch information. Affected products include: Clearswift Mimesweeper For Web.