Clearswift

Mimesweeper For Web

5 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2006-3522

  • EPSS 1.05%
  • Veröffentlicht 12.07.2006 00:05:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Cross-site scripting (XSS) vulnerability in Clearswift MIMEsweeper for Web before 5.1.15 Hotfix allows remote attackers to inject arbitrary web script or HTML via the URL, which is reflected back in an error message when trying to access a blocked we...

5

CVE-2006-3523

  • EPSS 0.67%
  • Veröffentlicht 12.07.2006 00:05:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Clearswift MIMEsweeper for Web before 5.1.15 Hotfix allows remote attackers to cause a denial of service (crash) via an encrypted archived .RAR file, which triggers a scan error and causes the Web Policy Engine service to terminate.

5

CVE-2005-4526

Exploit
  • EPSS 0.6%
  • Veröffentlicht 28.12.2005 01:03:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Clearswift MIMEsweeper For Web (a.k.a. WEBsweeper) 4.0 through 5.1 allows remote attackers to bypass filtering via a URL that does not include a .exe extension but returns an executable file.

4.3

CVE-2004-2703

  • EPSS 0.23%
  • Veröffentlicht 31.12.2004 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Clearswift MIMEsweeper 5.0.5, when it has been upgraded from MAILsweeper for SMTP version 4.3 or MAILsweeper Business Suite I or II, allows remote attackers to bypass scanning by including encrypted data in a mail message, which causes the message to...

5

CVE-2004-1715

Exploit
  • EPSS 1.05%
  • Veröffentlicht 11.08.2004 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Directory traversal vulnerability in MIMEsweeper for Web before 5.0.4 allows remote attackers or local users to read arbitrary files via "..\\", "..\", and similar dot dot sequences in the URL.