Clearswift » Mailsweeper For Smtp : Security Vulnerabilities, CVEs, CVSS score >= 3
Clearswift MAILsweeper for SMTP before 4.3.20 and MAILsweeper for Exchange before 4.3.20 allows remote attackers to cause a denial of service via (1) non-ASCII characters in a reverse DNS lookup result from a Received header, which leads to a Receiver service stop, and (2) unspecified vectors involving malformed messages, which causes "unpredictable behavior" that prevents the Security service from processing more messages.
Max CVSS
5.0
EPSS Score
3.43%
Published
2006-06-24
Updated
2017-07-20
Clearswift MAILsweeper for SMTP before 4.3.20 and MAILsweeper for Exchange before 4.3.20 allows remote attackers to bypass the "text analysis", possibly bypassing SPAM and other filters, by sending an e-mail specifying a non-existent or unrecognized character set.
Max CVSS
7.5
EPSS Score
21.99%
Published
2006-06-24
Updated
2017-07-20
Clearswift MIMEsweeper 5.0.5, when it has been upgraded from MAILsweeper for SMTP version 4.3 or MAILsweeper Business Suite I or II, allows remote attackers to bypass scanning by including encrypted data in a mail message, which causes the message to be marked as "Clean" instead of "Encrypted".
Max CVSS
4.3
EPSS Score
0.44%
Published
2004-12-31
Updated
2017-07-29
MAILsweeper for SMTP 4.3.6 and 4.3.7 allows remote attackers to cause a denial of service (CPU consumption) via a PowerPoint attachment that either (1) is corrupt or (2) contains "embedded objects."
Max CVSS
7.8
EPSS Score
1.14%
Published
2003-12-31
Updated
2017-07-29
MAILsweeper for SMTP 3.x does not properly handle corrupt CDA documents in a ZIP file and hangs, which allows remote attackers to cause a denial of service.
Max CVSS
5.0
EPSS Score
0.33%
Published
2000-12-19
Updated
2017-10-10
5 vulnerabilities found