← Back

CVE-2003-1485

nvd nist
Published: Dec 31, 2003Modified: Apr 16, 2026

JSON object

Loading...
5.0
Vector
AV:N/AC:L/Au:N/C:N/I:P/A:N
Exploitability: 10.0 / Impact: 2.9
Source: NVD

Description

Clearswift MAILsweeper 4.0 through 4.3.7 allows remote attackers to bypass filtering via a file attachment that contains "multiple extensions combined with large blocks of white space."

Affected (10)

Clearswift
1 product
Mailsweeper
Configuration A
10 vulnerable
Vulnerable SoftwareAffected Versions
Clearswift
Mailsweeper
Version 4.0
Mailsweeper
Version 4.1
Mailsweeper
Version 4.2
Mailsweeper
Version 4.3.3
Mailsweeper
Version 4.3.4
Mailsweeper
Version 4.3.5
Mailsweeper
Version 4.3.6
Mailsweeper
Version 4.3.6_sp1
Mailsweeper
Version 4.3.7
Mailsweeper
Version 4.3

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (4)

Source: cve@mitre.org
Source: cve@mitre.org
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Patch

Timeline

No history available yet.