7.5

CVE-2001-0398

Exploit
The BAT! mail client allows remote attackers to bypass user warnings of an executable attachment and execute arbitrary commands via an attachment whose file name contains many spaces, which also causes the BAT!  to misrepresent the attachment's type with a different icon.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
RitlabsThe Bat Version1.0_build1336
RitlabsThe Bat Version1.0_build1349
RitlabsThe Bat Version1.1
RitlabsThe Bat Version1.011
RitlabsThe Bat Version1.14
RitlabsThe Bat Version1.15
RitlabsThe Bat Version1.015
RitlabsThe Bat Version1.17
RitlabsThe Bat Version1.18
RitlabsThe Bat Version1.19
RitlabsThe Bat Version1.21
RitlabsThe Bat Version1.22
RitlabsThe Bat Version1.028
RitlabsThe Bat Version1.029
RitlabsThe Bat Version1.31
RitlabsThe Bat Version1.031
RitlabsThe Bat Version1.32
RitlabsThe Bat Version1.032
RitlabsThe Bat Version1.33
RitlabsThe Bat Version1.34
RitlabsThe Bat Version1.035
RitlabsThe Bat Version1.35
RitlabsThe Bat Version1.036
RitlabsThe Bat Version1.36
RitlabsThe Bat Version1.037
RitlabsThe Bat Version1.39
RitlabsThe Bat Version1.039
RitlabsThe Bat Version1.041
RitlabsThe Bat Version1.41
RitlabsThe Bat Version1.42
RitlabsThe Bat Version1.42f
RitlabsThe Bat Version1.043
RitlabsThe Bat Version1.43
RitlabsThe Bat Version1.44
RitlabsThe Bat Version1.45
RitlabsThe Bat Version1.46
RitlabsThe Bat Version1.47
RitlabsThe Bat Version1.48
RitlabsThe Bat Version1.49
RitlabsThe Bat Version1.101
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.04% 0.786
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://archives.neohapsis.com/archives/bugtraq/2001-04/0013.html
Vendor Advisory
http://www.securityfocus.com/bid/2530
Patch
Vendor Advisory
Exploit