Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1312

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2004-1312
Last Modified 05 Sep 2008 04:40:57
Published 03 Jan 2005 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-1312

Summary

A bug in the HTML parser in a certain Microsoft HTML library, as used in various third party products, may allow remote attackers to cause a denial of service via certain strings, as reported in GFI MailEssentials for Exchange 9 and 10, and GFI MailSecurity for Exchange 8, which causes emails to remain in IIS or Exchange mail queues.

Vulnerable Systems

Application

  • Gfi Mailessentials 10.0

  • Gfi Mailessentials 10.1

  • Gfi Mailessentials 9.0

  • Gfi Mailsecurity 8.0


References

CONFIRM - http://kbase.gfi.com/showarticle.asp?id=KBID002249

BID - 12148

MISC - http://www.csis.dk/default.asp?m=1&a=194

SECUNIA - 13708


Last Updated: 27 May 2016 10:38:59