exploitDog

CVE-2006-0630

Опубликовано: 10 фев. 2006

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

RITLabs The Bat! before 3.0.0.15 displays certain important headers from encapsulated data in message/partial MIME messages, instead of the real headers, which is in violation of RFC2046 header merging rules and allows remote attackers to spoof the origin of e-mail by sending a fragmented message, as demonstrated using spoofed Received: and Message-ID: headers.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ritlabs:the_bat:3.0:*:*:*:*:*:*:*

cpe:2.3:a:ritlabs:the_bat:3.0.0.7:*:*:*:*:*:*:*

cpe:2.3:a:ritlabs:the_bat:3.0.0.8:*:*:*:*:*:*:*

cpe:2.3:a:ritlabs:the_bat:3.0.0.9:*:*:*:*:*:*:*

cpe:2.3:a:ritlabs:the_bat:3.0.0.10:*:*:*:*:*:*:*

cpe:2.3:a:ritlabs:the_bat:3.0.0.11:*:*:*:*:*:*:*

cpe:2.3:a:ritlabs:the_bat:3.0.0.12:*:*:*:*:*:*:*

cpe:2.3:a:ritlabs:the_bat:3.0.0.14:*:*:*:*:*:*:*

EPSS

Процентиль: 72%

0.00704

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-r8jw-rfx3-cj99

github

почти 4 года назад

RITLabs The Bat! before 3.0.0.15 displays certain important headers from encapsulated data in message/partial MIME messages, instead of the real headers, which is in violation of RFC2046 header merging rules and allows remote attackers to spoof the origin of e-mail by sending a fragmented message, as demonstrated using spoofed Received: and Message-ID: headers.

EPSS

Процентиль: 72%

0.00704

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other