Mailscanner

mailscanner

Vendor: Mailscanner • 8 CVEs

CVEs (8)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2010-3292 1Mailscanner 1Mailscanner Nov 21, 2024 Nov 12, 2019 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 The update{_bad,}_phishing_sites scripts in mailscanner 4.79.11-2 downloads files and trusts them without using encryption (e.g., https) or digital signature checking which could allow an attacker to replace certain conf...Show more The update{_bad,}_phishing_sites scripts in mailscanner 4.79.11-2 downloads files and trusts them without using encryption (e.g., https) or digital signature checking which could allow an attacker to replace certain configuration files (e.g., phishing whitelist) via dns/packet spoofing.Show less
CVE-2010-3095 1Mailscanner 1Mailscanner Nov 21, 2024 Nov 12, 2019 N/A· v4 4.7 MEDIUM· v3 3.3 LOW· v2 mailscanner before 4.79.11-2.1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files. NOTE: this issue exists because of an incomplete fix for CVE-2008-5313.
CVE-2010-3293 1Mailscanner 1Mailscanner Nov 21, 2024 Oct 28, 2019 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 mailscanner can allow local users to prevent virus signatures from being updated
CVE-2008-5313 1Mailscanner 1Mailscanner Apr 23, 2026 Dec 3, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 mailscanner 4.68.8 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) clamav-autoupdate, (3) av...Show more mailscanner 4.68.8 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) clamav-autoupdate, (3) avast-autoupdate, and (4) f-prot-6-autoupdate scripts in /etc/MailScanner/autoupdate/; the (5) bitdefender-wrapper, (6) kaspersky-wrapper, (7) clamav-wrapper, and (8) rav-wrapper scripts in /etc/MailScanner/wrapper/; the (9) Quarantine.pm, (10) TNEF.pm, (11) MessageBatch.pm, (12) WorkArea.pm, and (13) SA.pm scripts in /usr/share/MailScanner/MailScanner/; (14) /usr/sbin/MailScanner; and (15) scripts that load the /etc/MailScanner/mailscanner.conf.with.mcp configuration file.Show less
CVE-2008-5312 1Mailscanner 1Mailscanner Apr 23, 2026 Dec 3, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 mailscanner 4.55.10 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) clamav-autoupdate, (3) p...Show more mailscanner 4.55.10 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) clamav-autoupdate, (3) panda-autoupdate.new, (4) trend-autoupdate.new, and (5) rav-autoupdate.new scripts in /etc/MailScanner/autoupdate/, a different vulnerability than CVE-2008-5140.Show less
CVE-2005-3470 1Mailscanner 1Mailscanner Apr 16, 2026 Nov 2, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 SQL injection vulnerability in in the authenticate function in MailWatch for MailScanner 1.0.2 allows remote attackers to execute arbitrary SQL commands.
CVE-2005-1706 1Mailscanner 1Mailscanner Apr 16, 2026 May 24, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Unknown vulnerability in MailScanner 4.41.3 and earlier, related to "incomplete reporting of viruses in zip files," allows remote attackers to bypass virus detection.
CVE-2002-2228 1Mailscanner 1Mailscanner Apr 16, 2026 Dec 31, 2002 N/A· v4 N/A· v3 6.4 MEDIUM· v2 MailScanner before 4.0 5-1 and before 3.2 6-1 allows remote attackers to bypass protection via attachments with a filename with (1) extra leading spaces, (2) extra trailing spaces, or (3) alternate character encodings th...Show more MailScanner before 4.0 5-1 and before 3.2 6-1 allows remote attackers to bypass protection via attachments with a filename with (1) extra leading spaces, (2) extra trailing spaces, or (3) alternate character encodings that cannot be processed by MailScanner.Show less