A vulnerability was found in Clearswift MAILsweeper up to 4.3.15 and classified as critical. Affected by this issue is an unknown part of the component MIME Handler. The manipulation with an unknown input leads to a privileges management vulnerability. Using CWE to declare the problem leads to CWE-269. The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor. Impacted is confidentiality, integrity, and availability. CVE summarizes:

Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use whitespace in an unusual fashion, which may be interpreted differently by mail clients.

The weakness was presented 10/20/2004 (Website). The advisory is available at marc.theaimsgroup.com. This vulnerability is handled as CVE-2003-1015 since 12/17/2003. The exploitation is known to be easy. The attack may be launched remotely. No form of authentication is required for exploitation. The technical details are unknown and an exploit is not available. This vulnerability is assigned to T1068 by the MITRE ATT&CK project.

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

The vulnerability is also documented in the vulnerability database at X-Force (9273). See 22302, 22301, 22300 and 22299 for similar entries.

Productinfo

Vendor

• Clearswift

Name

• MAILsweeper

Version

• 4.3.7
• 4.3.8
• 4.3.10
• 4.3.11
• 4.3.13
• 4.3.14
• 4.3.15

License

• commercial

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion