1. CVE-Search
  2. CVE-2003-1016
ID CVE-2003-1016
Summary Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use malformed quoting in MIME headers, parameters, and values, including (1) fields that should not be quoted, (2) duplicate quotes, or (3) missing leading or trailing quote characters, which may be interpreted differently by mail clients.
References
Vulnerable Configurations
  • cpe:2.3:a:clearswift:mailsweeper:4.3.7:*:*:*:*:*:*:*
    cpe:2.3:a:clearswift:mailsweeper:4.3.7:*:*:*:*:*:*:*
  • cpe:2.3:a:clearswift:mailsweeper:4.3.8:*:*:*:*:*:*:*
    cpe:2.3:a:clearswift:mailsweeper:4.3.8:*:*:*:*:*:*:*
  • cpe:2.3:a:clearswift:mailsweeper:4.3.10:*:*:*:*:*:*:*
    cpe:2.3:a:clearswift:mailsweeper:4.3.10:*:*:*:*:*:*:*
  • cpe:2.3:a:clearswift:mailsweeper:4.3.11:*:*:*:*:*:*:*
    cpe:2.3:a:clearswift:mailsweeper:4.3.11:*:*:*:*:*:*:*
  • cpe:2.3:a:clearswift:mailsweeper:4.3.13:*:*:*:*:*:*:*
    cpe:2.3:a:clearswift:mailsweeper:4.3.13:*:*:*:*:*:*:*
  • cpe:2.3:a:clearswift:mailsweeper:4.3.14:*:*:*:*:*:*:*
    cpe:2.3:a:clearswift:mailsweeper:4.3.14:*:*:*:*:*:*:*
  • cpe:2.3:a:clearswift:mailsweeper:4.3.15:*:*:*:*:*:*:*
    cpe:2.3:a:clearswift:mailsweeper:4.3.15:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:internet_gatekeeper:6.3:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:internet_gatekeeper:6.3:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:internet_gatekeeper:6.4:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:internet_gatekeeper:6.4:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*
  • cpe:2.3:a:paul_l_daniels:ripmime:1.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:paul_l_daniels:ripmime:1.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:paul_l_daniels:ripmime:1.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:paul_l_daniels:ripmime:1.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:paul_l_daniels:ripmime:1.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:paul_l_daniels:ripmime:1.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:paul_l_daniels:ripmime:1.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:paul_l_daniels:ripmime:1.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:paul_l_daniels:ripmime:1.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:paul_l_daniels:ripmime:1.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:paul_l_daniels:ripmime:1.2.5:*:*:*:*:*:*:*
    cpe:2.3:a:paul_l_daniels:ripmime:1.2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:paul_l_daniels:ripmime:1.2.6:*:*:*:*:*:*:*
    cpe:2.3:a:paul_l_daniels:ripmime:1.2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:paul_l_daniels:ripmime:1.2.7:*:*:*:*:*:*:*
    cpe:2.3:a:paul_l_daniels:ripmime:1.2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.3:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 11-07-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bugtraq 20040914 Corsaire Security Advisory - Multiple vendor MIME field quoting issue
misc http://www.uniras.gov.uk/vuls/2004/380375/mime.htm
xf mime-quote-filtering-bypass(17336)
Last major update 11-07-2017 - 01:29
Published 20-10-2004 - 04:00
Last modified 11-07-2017 - 01:29
Back to Top